Invoke-DOSfuscation is a PowerShell v2.0+ compatible cmd.exe command obfuscation framework. (White paper: https://www.fireeye.com/blog/threat-research/2018/03/dosfuscation-exploring-obfuscation-and-detection-techniques.html) Over the past several years we witnessed a myriad of obfuscation and evasion techniques employed by several threatRead More →
Five million stolen credit and debit cards offered for sale starting March 28 by the JokerStash hacking syndicate known as Fin7. Information security training experts believe that are likely cameRead More →
Facebook Vice President Andrew “Boz” Bosworth is known for being blunt and direct at Facebook’s meetings. His Twitter description calls him “co-inventor of News Feed, Messenger, Groups, and more.” InRead More →
A Russian man on Friday pleaded not guilty to charges he hacked three U.S. technology companies, potentially compromising personal details of more than 100 million users, including on LinkedIn, afterRead More →
“Small number of systems” suffer “limited malware intrusion” Boeing appears to be the most recent target of the WannaCry ransomware, but the company says that it detected only what it callsRead More →
The group impersonated tax authorities to dupe victims into handing over their account details. 20 suspected fraudsters have been arrested in connection with a banking fraud scheme which resulted inRead More →
A dangerous Drupal flaw could leave your site completely compromised if you don’t patch the flaw immediately. Developers of popular open-source CMS Drupal are warning admins to immediately patch aRead More →
There is another malware aiming at Windows devices. This time, the malware is spread from YouTube. The information security training researchers at Russian anti-virus vendor Dr. Web have discovered a dangerous malwareRead More →
Microsoft’s Meltdown fix opened a gaping hole in Windows 7 security, warn researchers. Meltdown and Specter are probably the worst vulnerabilities discovered in the history of computing. These two securityRead More →
For the first time, a hardware backdoor tool is presented having several advanced features, such as: remote control via SMS commands, automated launch of attack payloads at a GPS locationRead More →
The email service at the Northern Ireland Parliament, Stormont has been hit by a brute force attack allowing unknown attackers to access email accounts of several members, according to information securityRead More →
The information security researchers at SophosLabs have discovered a new Android malware in seemingly harmless QR reader apps on Google Play Store. The malware has been developed to flood AndroidRead More →
A new spear phishing campaign targeting government agencies with an evolved version of Sanny malware, an old information-stealer that now features a multi-stage infection process, whereby each stage is downloadedRead More →
The first round of security updates released in 2018 for OpenSSL patch a total of three vulnerabilities, but none of them appears to be serious, information security training professionals said. OpenSSL versionsRead More →
It was recently revealed by information security training researchers that an analytics firm, Cambridge Analytica, wrongfully gained access to the data of 50 million people swept up from Facebook via a ‘personalityRead More →
Python based backdoor that uses Gmail to exfiltrate data as an e-mail attachment. This RAT will help someone during red team engagements to backdoor any Windows machines. It tracks theRead More →
The IETF has been analyzing proposals for TLS 1.3 since 2014; the final release is the result of the work on 28 drafts. The Internet Engineering Task Force (IETF) hasRead More →
As per discovery of security researchers, the Trickbot malware has been updated with you capabilities to evade detection and lock victim’s computers. The malware targets customers of major banks. AccordingRead More →
Maybe check your data archive to see if Facebook’s algorithms know who you called. [Update, March 25, 2018, 20:24 Eastern Time]: Facebook has responded to this and other reports regardingRead More →
“Hacktivist” logged into a social media account from an IP address at GRU HQ in Moscow. Soon after the June 2016 announcement by CrowdStrike that the Democratic National Committee’s network had beenRead More →
