A U.S. District Court judge in Atlanta last week handed a five year prison sentence to Mark Vartanyan, a Russian hacker who helped develop and sell the once infamous and widespread Citadel bankingRead More →
Researchers from ClearSky and Trend Micro uncovered a new massive cyber espionage campaign conducted by CopyKittens dubbed ‘Operation Wilted Tulip’ A joint investigation conducted by experts from the Israeli cyber-intelligenceRead More →
LAS VEGAS—Researcher Omer Gil has devised a way to trick a web server into caching pages and exposing personal data. The so-called web caching attack targets sites that use contentRead More →
Android SSL Re-Pinning Two kinds of SSL Pinning implementations can be found in Android apps: the home-made and the proper one. The former is usually a single method, performing allRead More →
In July 2017, security researchers have spotted a new version of the proficient Ursnif banking trojan that comes with a clever trick to avoid sandbox environments and automated virtual machinesRead More →
Surveillance malware dubbed Firefly was easy to spot but flew under the radar anyway. A mysterious piece of malware that gives attackers surreptitious control over webcams, keyboards, and other sensitiveRead More →
Veritaseum has confirmed today that a hacker stole $8.4 million from the platform’s ICO on Sunday, July 23. This is the second ICO hack in the last week and theRead More →
LAS VEGAS—The FruitFly backdoor became a known entity in January, but it’s a good bet that for years it had been in the wild, undetected by analysts and security software.Read More →
An as yet unnamed 29-year-old pleaded guilty on Friday to charges relating to the hijacking of more than 1.25 million Deutsche Telekom routers, according to reports in the German press.Read More →
The security researcher Vikas Anil Sharma exploited an unrestricted File Upload vulnerability in a PayPal Server to remotely execute code. The security researcher Vikas Anil Sharma has found a remote codeRead More →
A 29-year-old man pleaded guilty in court on Friday to hijacking over 900,000 routers from the network of Deutsche Telekom, according to several reports in the German press [1, 2, 3, 4]. TheRead More →
Microsoft used the lawsuit to disrupt a large number of cyber espionage campaigns conducted by infamous Fancy Bear APT hacking group We have discussed several times about hacking back and the caseRead More →
I wrote most of the code of this small project, called ‘injectAllTheThings’, a while ago when I started developing custom tools for Red Team engagements (in order to emulate differentRead More →
The DarkHotel hacking group, a threat actor known to engage in advanced cyber-espionage tactics, has shifted operations from targeting CEOs and businessmen to political figures. DarkHotel has its own placeRead More →
Introduction We are continuing our series of blog posts dissecting the exploits released by ShadowBrokers in April 2017. After the first two posts about the SMB exploits known as EternalChampion and EternalSynergy, we’llRead More →
Briar, an instant messaging service that works over the Tor network, has reached beta stage today, the app’s creators announced. Only an Android app is available at the moment, whichRead More →
Records request denied because FCC made no “written documentation” of attack. The US Federal Communications Commission says it has no written analysis of DDoS attacks that hit the commission’s net neutralityRead More →
Over 500,000 users have had their computers infected with a stealthy malware named Stantinko, according to a 99-page report released yesterday by Slovak antivirus maker ESET. The malware is a modularRead More →
Tor wants to find bugs which could compromise the identity of its users. The Tor Project has joined with HackerOne to launch a public bug bounty program aimed at findingRead More →
While doing my normal scan through various sites that are known to push unwanted programs, I ran across a new version of a Chrome extension family that hijacks searches done onRead More →
