Decryption tool is of limited value, because XP was unaffected by last week’s worm. Owners of some Windows XP computers infected by the WCry ransomware may be able to decryptRead More →
Yesterday, we released binsnitch.py – a tool you can use to detect unwanted changes to the file sytem. The tool and documentation is available here: https://github.com/NVISO-BE/binsnitch. Binsnitch can be used to detect silentRead More →
An Italian expert discovered a critical Improper Authentication vulnerability affecting the UBER platform that allowed password reset for any account. The Italian security expert Vincenzo C. Aka @Procode701 has discovered 7Read More →
It’s sad, but someone, somewhere on the Dark Web will now be privy to all your eating habits, or at least the one that Zomato knows about. For the uninitiated,Read More →
WaPo confirms long-held suspicions as NSA cyberweapons crisis threatens to grow worse. After learning that one of its most prized hacking tools was stolen by a mysterious group calling itselfRead More →
The Joomla CMS project released today Joomla 3.7.1 to fix an SQL injection flaw that allows attackers to execute custom SQL code on affected systems and take over vulnerable sites.Read More →
A California judge has found Yovan Garcia, a former security guard, guilty for hacking his former employer, stealing proprietary software, and trashing the company network after he resigned and leftRead More →
The telco giant Bell Canada was the victim of a security breach that exposed roughly two million customer account details. The long string of data breach continues, while I’m writingRead More →
Security researchers from Sucuri have found hacked WordPress sites that were altered to secretly siphon off cookies for user and admin accounts to a rogue domain imitating the WordPress API.Read More →
Yes, WannaCry is horrible. It locked people’s files and ruined businesses all over the world. With that being said, that doesn’t mean people can’t have fun with it. Over theRead More →
Just by accessing a folder containing a malicious SCF file, a user will unwittingly share his computer’s login credentials with an attacker via Google Chrome and the SMB protocol. ThisRead More →
The heap In this chapter we will look at the heap and malloc in order to answer some of the questions we ended with at the end of the previousRead More →
Today, the Shadow Brokers have published a new message teasing new exploits for people who register for a new membership program the group has announced for next month, June 2017.Read More →
Next time someone links you to whatsapp.com, make sure you take a second look. There’s some adware currently circulating around the web by tricking users to visit a ‘шһатѕарр.com’ domainRead More →
Identical code ties Friday’s attacks to hacks on Sony Pictures and $1bn bank heist. A researcher has found digital fingerprints that tie the WCry ransomware worm that menaced the worldRead More →
Short Bytes: WannaCry 2.0 or WannaDecrypt0r 2.0 ransomware is turning out to be one of the biggest security threats of recent times. It has spread in over 150 countries and affectedRead More →
At the Zero Day Initiative (ZDI), we see patches in a way few do. We get the initial report from a researcher, we verify the issue internally, we notify theRead More →
WikiLeaks Reveals two distinct malware platforms codenamed AfterMidnight and Assassin used by the CIA operators to target Windows systems. While critical infrastructure worldwide and private organizations were ridiculed by the WannaCryRead More →
The WannaCry ransomware — also known as WCry, Wana Decrypt0r, WannaCrypt, and WanaCrypt0r — infected a honeypot server made to look like a vulnerable Windows computer six times in theRead More →
A new malware family called Jaff has been identified by researchers who say they are currently tracking multiple massive spam campaigns distributing the malware via the Necurs botnet. “It cameRead More →
