Explained: WMI hijackers
2016-10-06
Windows Management Instrumentation (WMI) hijackers are proving to be a plague to remove for the average user. Even experienced users may be stumped if they run into one and don’tRead More →
The Oracle of Delphi Will Steal Your Credentials
2016-10-06
It was one of those warm summer nights, no clouds, just a bright full moon lighting the way. Someone had unknowingly stumbled upon our honeypot, completely unaware of the factRead More →
Remember 68 Million Hacked Dropbox Data? It’s available for free download
2016-10-04
The online storage platform Dropbox suffered a massive blow back in August when the company learned that over 60 million of its user accounts got hacked and credentials stolen byRead More →
OpenJPEG zero-day flaw leads to remote code execution
2016-10-03
The newly-discovered bug gives attackers the chance to execute code through the open-source JPEG 2000 codec. Cisco Talos researchers have uncovered a severe zero-day flaw in the OpenJPEG JPEG 2000Read More →
Space Wars Will Be Fought With Hacks, Not Missiles
2016-10-03
On Monday morning, a number of professionals in the aerospace industry received a rather mundane email containing a PDF ostensibly about the future of Russian aerospace programs, but which actuallyRead More →
Hacking PayPal’s Express Checkout
2016-10-01
Recent research on web security and related topics. Provided and maintained by members and friends of the Chair for Network and Data Security, Horst Görtz Institute, Ruhr-University Bochum. Do youRead More →
Hacked Steam accounts spreading Remote Access Trojan
2016-10-01
Yesterday, I stumbled on a post where a Reddit user named Haydaddict was alerting people about some hacked Steam accounts spreading malware. As I am always interested in new malware, I took a lookRead More →
A Top-Shelf iPhone Hack Now Goes for $1.5 Million
2016-09-30
AS IOS AND Android mature, the stand-off between platforms and hackers escalates in kind. Each release brings new security measures, while those who want to break in—nation-state intelligence agencies andRead More →
Kaspersky decrypts Ransomware from TeamXRat
2016-09-30
Kaspersky posted a great article about their TeamXrat Ransomware analysis and how they were able to create a decryptor for its victims. Reported back in mid September in our forums, I and other security researchersRead More →
HANCITOR DOWNLOADER ABUSING APIS, POWERSHELL COMMANDS
2016-09-27
We recently observed Hancitor attacks against some of our FireEye Exploit Guard customers. The malicious document used to deliver the Hancitor executable was observed being distributed as an attachment inRead More →
MarsJoke Ransomware Mimics CTB-Locker
2016-09-26
Ransomware in its various forms continues to make headlines as much for high-profile network disruptions as for the ubiquity of attacks among consumers. We recently noted the non-linear growth ofRead More →
Hack This: Start an IRC Channel
2016-09-26
Internet relay chat (IRC) is a fundamentally primitive technology, a precursor to social networks, and, especially, chat services like Slack and Hipchat. Slack, in particular, has been quietly decimating IRCRead More →
Cyber crooks focus on the future as ATM Biometric Skimmers go on Sale
2016-09-24
Kaspersky Lab presented an investigation on the future of ATM Biometric Skimmers and how cybercriminals could exploit them. A recent investigation by Kaspersky Labs reports that a number of undergroundRead More →
The banker that can steal anything
2016-09-21
In the past, we’ve seen superuser rights exploit advertising applications such as Leech, Guerrilla, Ztorg. This use of root privileges is not typical, however, for banking malware attacks, because moneyRead More →
The Spider That Crawls the Dark Web Looking for Stolen Data
2016-09-20
A start-up alerts organizations when their sensitive information pops up for sale online. When police officers respond to a theft or a mugging, they’ll usually ask for the serial numbersRead More →
FACEBOOK FIXES VULNERABILITY THAT LED TO ACCOUNT TAKEOVER, PAYS RESEARCHER $16K
2016-09-20
Facebook quickly resolved a vulnerability in its Business Manager tool late last month that could have let an attacker take over any Facebook page. Arun Sureshkumar, a security researcher in India, disclosed theRead More →
Boffins analyzed EXIF metadata in photos on principal blackmarkets
2016-09-19
Two researchers have analyzed images Exif metadata included in the photos used by crooks to advertise their products on black marketplaces in the dark web. Darknets are a privileged environmentRead More →
US 911 Emergency Services Can Be Shut Down by DDoS Attacks From Mobile Botnets
2016-09-16
Research published last week by the Cyber-Security Research Center at the Ben-Gurion University of the Negev in Israel reveals that it only takes about 6,000 smartphones infected with malware toRead More →
A look into French underground from pen guns and euthanasia kits
2016-09-15
“The French Underground: Under a Shroud of Extreme Caution”, another interesting report published by Trend Micro on illegal activities in the Dark Web. The dark web is a privileged place whereRead More →
NoobCrypt Ransomware Dev shows Noobness by using Same Password for Everyone
2016-09-13
It is a good day when a ransomware programmer channels their noobness and releases an insecure ransomware. This is the case with a new variant of the NoobCrypt Ransomware that was discovered by security researcher Jakub Kroustek.Read More →
