Malware specialized in infecting Point of Sale (PoS) software has gained the ability to search and steal driver’s license information, according to a report published by US cyber-security firm TrendRead More →
SophosLabs has discovered a new spam campaign where ransomware is downloaded and run by a macro hidden inside a Word document that is in turn nested within a PDF, like a Russian matryoshkaRead More →
Interpol investigators announced today they’d identified over 8,800 servers hosted across eight countries in Southeast Asia used for various cybercrime operations. According to Interpol, these are command-and-control (C&C) servers usedRead More →
One of the vulnerabilities used to spread the Stuxnet virus was 2016’s most popular exploit, according to telemetry data gathered by Russia cyber-security firm Kaspersky Labs. Identified as CVE-2010-2568, thisRead More →
A group of Israeli researchers has devised a new technique to exfiltrate data from a PC in an air-gapped network through malware controlled via scanners. The team was composed of Ben Nassi, a graduateRead More →
Millions of users looking to get software updates have downloaded an app hiding a spyware called SMSVova through the official Google Play store. Bad news for millions of Android usersRead More →
On Friday, April 7, the FBI arrested Zhengquan Zhang, a 31-year-old IT engineer, who now stands accused of installing malware on his employer’s servers to steal proprietary source. Zhang startedRead More →
One week ago today, the Shadow Brokers (an unknown hacking entity) leaked the Equation Group’s (NSA) FuzzBunch software, an exploitation framework similar to Metasploit. In the framework were several unauthenticated,Read More →
Roman Seleznev, the son of the prominent Russian Parliament member Valery Seleznev was sentenced to 27 years in jail for hacking. The Russian hacker Roman Seleznev, aka Track2, was sentenced to 27Read More →
Microsoft recently fixed a vulnerability in its video chat and messaging app Skype that could have allowed an attacker to execute code on the system it was running on, phishRead More →
After almost an almost non-existent presence in 2017 and a few weeks off, Locky is back with a fresh wave of SPAM emails containing malicious docs. While it is not knownRead More →
Did script kiddies use DoublePulsar code released by NSA-leaking Shadow Brokers? Security experts believe that tens of thousands of Windows computers may have been infected by a highly advanced NationalRead More →
A new form of Android malware, named Milkydoor, uses remote port forwarding via Secure Shell (SSH) tunnels to hide malicious traffic and grant attackers access to firewall-protected networks. The malwareRead More →
The developer of the AES-NI ransomware claims that the recent “success” he’s been enjoying is due to the NSA exploits leaked last week by the Shadow Brokers group. In aRead More →
Just like Wifatch and Hajime, the BrickerBot malware is the work of a vigilante grey-hat, who goes online by the name of Janit0r, a nickname he chose on the HackRead More →
Cyber security experts disclosed the existence of 10 unpatched security flaws in dozens of Linksys routers widely used today. The IOActive senior security consultant Tao Sauvage and the independent securityRead More →
A Russian malware author is using codified tweets to start and stop DDoS attacks against desired targets. The DDoS attacks are launched from the computers of infected users using aRead More →
Like many in the security industry, we’ve been busy investigating the implications of the Shadow Brokers leak, with the DOUBLEPULSAR payload in particular attracting our attention. Like many in theRead More →
Code-execution flaw is triggered by plugging a booby-trapped USB into vulnerable PCs. One of the Microsoft Windows vulnerabilities used to spread the Stuxnet worm that targeted Iran remained the mostRead More →
Sensors used to detect the level of ambient light can be used to steal browser data, according to privacy expert Lukasz Olejnik. Over the past decade, ambient light sensors haveRead More →
