THE WIFI REPEATER YOU PROBABLY HAVE ON YOUR BENCH
2017-12-27
Few things are as frustrating as a WiFi signal that drops in and out. On a public network it is bad enough but at home? Even if you can liveRead More →
Sednit update: How Fancy Bear Spent the Year
2017-12-26
The Sednit group — also known as Strontium, APT28, Fancy Bear or Sofacy — is a group of attackers operating since 2004, if not earlier, and whose main objective is to stealRead More →
Facebook phishers want you to “Connect with Facebook”
2017-12-23
As we edge toward Christmas, scammers are throwing their own party—in the form of Facebook phishing pages linked to and from bogus landing pages hosted on sites(dot)google(dot)com URLs. These landingRead More →
Windows XP ATM Machine “Hacked” by Simply Pressing Shift Five Times in a Row
2017-12-22
Bad configuration leaves ATM exposed to further hacks. We’ve known for a while that ATM machines running Windows XP (Embedded version or not) are exposed to attacks, but when weRead More →
Facebook Is Disrupting North Korean Hacking Operations
2017-12-20
The company’s announcements came on the heels of the US government’s public accusation blaming the North Korean government for WannaCry. Facebook says it has discovered and banned some malicious accountsRead More →
Hackers take control of security firm’s domain, steal secret data
2017-12-19
Attackers bypass HTTPS encryption protection by registering new TLS certificate. A Dutch security firm recently fell victim to a well-executed attack that allowed hackers to take control of its serversRead More →
Face Palm: Windows 10 Bundled A Password Manager That Exposed Your Saved Passwords
2017-12-18
About 16 months ago, a Google Project Zero researcher found a critical bug in a password manager named Keeper. The bug allowed Keeper to inject its trusted UI into untrustedRead More →
Anyone can steal all of chrome saved passwords, form fields, bookmarks, history
2017-12-16
You can try it with your friends at work or with anyone that gives you access to a computer… it’s really funny but dangerous. I reported this issue to googleRead More →
These five programming languages have flaws that expose apps to attack
2017-12-16
Securely-developed apps may be at risk due to security issues in popular interpreted programming languages. Even software that has been built with secure development procedures may still be vulnerable toRead More →
Security researcher says DirecTV hardware can be easily hacked
2017-12-14
The flaw was privately disclosed to the device maker in June, but six months later, there’s still no patch. Homes signed up to AT&T’s DirecTV service may be inadvertently runningRead More →
“Suspicious” event routes traffic for big-name sites through Russia
2017-12-14
Google, Facebook, Apple, and Microsoft all affected by “intentional” BGP mishap. Traffic sent to and from Google, Facebook, Apple, and Microsoft was briefly routed through a previously unknown Russian InternetRead More →
MoneyTaker: in pursuit of the invisible
2017-12-11
Group-IB has uncovered a hacker group attacking banks in the USA and Russia. In less than two years, this group has conducted over 20 successful attacks on financial institutions andRead More →
HOW TO PROTECT YOURSELF AFTER THE NEXT BIG CORPORATE HACK
2017-12-08
AT THIS POINT, it’s safe to assume that everyone’s been affected by one megabreach or another. But when the next Equifax debacle happens, know that there’s plenty you can do toRead More →
Digital currency exchange NiceHash says bitcoin worth nearly $64 million hacked
2017-12-07
Cryptocurrency marketplace NiceHash said the contents of its bitcoin wallet had been stolen in a security breach and one executive said nearly $64 million had been lost. NiceHash head ofRead More →
“Malware-free” attacks mount in big breaches, CrowdStrike finds
2017-12-07
Stolen credentials, exploits of command-line tools used in 66 percent of attacks. Despite the rise of massive crypto-ransomware attacks, an even more troubling trend emerged in data gathered by theRead More →
Virtual Keyboard Developer Leaked 31 Million of Client Records
2017-12-06
31 Million Client Registration Files Leaked by Personalized Keyboard Developer. The Kromtech Security Center has discovered a massive amount of customer files leaked online and publically available. Researchers were ableRead More →
PayPal’s TIO data breach: 1.6 million customers’ personal details stolen by hackers
2017-12-04
The disclosure comes less than a month after PayPal suspended TIO Network’s operations when it found security vulnerabilities. PayPal has revealed that its recently acquired company TIO Networks has sufferedRead More →
Kernel Exploit Demo – Windows 10 privesc via WARBIRD
2017-12-02
In my previous post, I showed a number of ways of gaining SYSTEM privileges. The post ended up being a lot more successful than I thought it would, so thanksRead More →
National Credit Federation leaked US citizen data through unsecured AWS bucket
2017-12-01
Tens of thousands of customers of the credit repair service are believed to be affected. The National Credit Federation (NCF) has become the latest in a long list of companies to leaveRead More →
Persistent drive-by cryptomining coming to a browser near you
2017-11-30
Since our last blog on drive-by cryptomining, we are witnessing more and more cases of abuse involving the infamous Coinhive service that allows websites to use their visitors to mine theRead More →
