My friends at CyberBlog decided to analyze the GM Bot Android Malware as exercise aiming to receive feedback sand suggestions from the security community. The sample explored is confirmed as a variantRead More →
Browser autofill profiles are a reliable phishing vector that allow attackers to collect information from users via hidden fields, which the browser automatically fills with preset personal information and whichRead More →
Some financial institutions are now offering so-called “cardless ATM” transactions that allow customers to withdraw cash using nothing more than their mobile phones. But as the following story illustrates, this new technologyRead More →
A new form of malware is targeting Macs and launching denial-of-service attacks on users by creating multiple email drafts that crash the computer. The method is simple but devious. AccordingRead More →
The FTC has filed a lawsuit against D-Link for failing to protect its customers against ‘well known and easily preventable software security flaws’ in its routers and IoT cameras. TheRead More →
MongoDB administrators are about to be tought a hard lesson in database management practices, as the number of hackers that are now involved with DB hijacking attempts has gone fromRead More →
Researchers have discovered a Linux variant of the KillDisk ransomware, which itself is a new addition to the KillDisk disk wiper malware family, previously used only to sabotage companies byRead More →
we will detail our discovery of the next two versions of MM Core, namely “BigBoss” (2.2-LNK) and “SillyGoose” (2.3-LNK). Attacks using “BigBoss” appear likely to have occurred since mid-2015, whereas “SillyGoose” appears to haveRead More →
SGX needs I/O protection, Austrian boffins reckon. Intel’s Software Guard Extensions started rolling in Skylake processors in October 2015, but it’s got an Achilles heel: insecure I/O like keyboards orRead More →
The Koolova ransomware will decrypt the encrypted files for free it the victim read two blog posts about how to avoid ransomware infection. Ransomware authors are very creative, in theRead More →
The notorious black hat hacker CyberZeist (@cyberzeist2) has broken into the FBI website FBI.gov and leaked data on Pastebin. The notorious black hat hacker CyberZeist (@cyberzeist2) has broken into theRead More →
A ransomware family named FireCrypt will encrypt the user’s files, but also attempt to launch a very feeble DDoS attack on a URL hardcoded in its source code. This threatRead More →
A hacker going by the online handle of “Kuroi’SH” hacked and defaced the official Google Brazil domain earlier Tuesday afternoon. The hacker left a deface page along with a messageRead More →
A cyber-crime infrastructure known in infosec circles as pseudo-Darkleech has been the source of many ransomware infections during the past year, either by malicious spam attachments or via automated attacksRead More →
The Merry X-Mas Ransomware is here and it’s not bringing you any presents. First discovered by @dvk01uk with the help of @Techhelplistcom, it is being named the Merry Christmas, or MerryRead More →
Ultrasounds emitted by ads or JavaScript code hidden on a page accessed through the Tor Browser can deanonymize Tor users by making nearby phones or computers send identity beacons backRead More →
In the past few weeks, more or less talented malware authors have resorted to naming their newly launched threats using the “FSociety” brand, made famous by the Mr. Robot TVRead More →
The security expert Dawid Golunski from Legal Hackers has reported critical RCE flaws in the popular PHP libraries SwiftMailer, PhpMailer and ZendMail. Recently the security expert Dawid Golunski from LegalRead More →
Looks like the NSA has a history of positively identifying Russian hacks. The FBI, CIA and President Barack Obama all agree that Russia hacked the DNC and asserted its willRead More →
On the last day of 2016, KeepKey, a vendor of Bitcoin hardware wallets, has notified users of a security breach that inadvertently exposed some of its customers’ details. According toRead More →
