Just For Men website serves malware
2016-09-21
The website for Just For Men, a company that sells various products for men as its name implies, was serving malware to its visitors. Our automated systems detected the drive-byRead More →
InfoArmor Uncovers Malicious Torrent Distribution Network
2016-09-21
InfoArmor has identified a special tool used by cybercriminals to distribute malware by packaging it with the most popular torrent files on the Internet. The bad actors have analyzed trendsRead More →
The banker that can steal anything
2016-09-21
In the past, we’ve seen superuser rights exploit advertising applications such as Leech, Guerrilla, Ztorg. This use of root privileges is not typical, however, for banking malware attacks, because moneyRead More →
iPhone passcode bypassed with NAND mirroring attack
2016-09-21
FBI says it’s impossible but Cambridge computer security expert proves them wrong. Passcodes on iPhones can be hacked using store-bought electronic components worth less than $100 (£77), according to oneRead More →
The Spider That Crawls the Dark Web Looking for Stolen Data
2016-09-20
A start-up alerts organizations when their sensitive information pops up for sale online. When police officers respond to a theft or a mugging, they’ll usually ask for the serial numbersRead More →
Ransomware is lucrative: Attacker’s profits near $100 million
2016-09-20
Hackers are increasingly targeting healthcare institutions with malware because of their poor cyber-security posture, reliance on legacy IT systems, third-party services and the need to access information as soon asRead More →
Car Hacking Research: Remote Attack Tesla Motors
2016-09-20
With several months of in-depth research on Tesla Cars, we have discovered multiple security vulnerabilities and successfully implemented remote, aka none physical contact, control on Tesla Model S in bothRead More →
iSpy Keylogger
2016-09-20
Keyloggers have always been present in attackers’ toolkits. They give attackers the power to record every keystroke from a victim’s machine and steal sensitive information. Zscaler ThreatLabZ recently came acrossRead More →
FACEBOOK FIXES VULNERABILITY THAT LED TO ACCOUNT TAKEOVER, PAYS RESEARCHER $16K
2016-09-20
Facebook quickly resolved a vulnerability in its Business Manager tool late last month that could have let an attacker take over any Facebook page. Arun Sureshkumar, a security researcher in India, disclosed theRead More →
Boffins analyzed EXIF metadata in photos on principal blackmarkets
2016-09-19
Two researchers have analyzed images Exif metadata included in the photos used by crooks to advertise their products on black marketplaces in the dark web. Darknets are a privileged environmentRead More →
Nearly 800,000 FTP Servers Accessible Online Without Authentication
2016-09-19
Very few have write access enabled, though. A recent brute-force scan of FTP servers available online via an IPv4 address revealed that 796,578 boxes can be accessed without the needRead More →
CVE-2016-6415 – CISCO confirms a new Zero-Day linked to Equation Group hack
2016-09-19
Cisco revealed the existence of another zero-day vulnerability, tracked as CVE-2016-6415, in the Equation Group archive leaked by the Shadow Broker hackers. This summer a group of hackers known as ShadowRead More →
H1N1 Malware Adds Support for Infostealing Features, UAC Bypass
2016-09-19
This blog is the first in a 3 part series that will provide an in-depth technical analysis on the H1N1 malware. I’ll be looking at how H1N1 has evolved, its obfuscation,Read More →
HDDCryptor Ransomware Overwrites Your MBR Using Open Source Tools
2016-09-19
HDDCryptor, sometimes spelled HDD Cryptor and also identified as Mamba, is a new ransomware variant that rewrites a computer’s MBR (Master Boot Record) boot sectors and locks users out ofRead More →
PSA: DetoxCrypto Ransomware imitating Malwarebytes
2016-09-17
Scammers will always try and imitate legitimate tools and services in an effort to trick people into harming their accounts and devices. If it isn’t fake logins, it’s dubious linksRead More →
NAND mirroring – Unlock San Bernardino shooter’ iPhone with just $100
2016-09-17
A researcher has demonstrated that the NAND mirroring technique was able to bypass the passcode retry limitations on the San Bernardino shooter’s iPhone. The battle between the FBI and Apple for unlockingRead More →
LuaBot Author Says His Malware Is “Not Harmful”
2016-09-17
Author says he’s not interested in launching DDoS attacks. Two weeks ago, a security researcher that goes by the name of MalwareMustDie had come across a new Linux trojan that accordingRead More →
BUGS IN SIGNAL MESSAGING APP CORRUPT ATTACHMENTS, CRASH APP
2016-09-17
Makers of the mobile encrypted chat app Signal say they have fixed vulnerabilities in the Android version of the messaging app that allowed attackers to corrupt encrypted attachments and remotely crash the application.Read More →
Mozilla plans Firefox fix for same malware vulnerability that bit Tor
2016-09-17
Weakness in certificate pinning protections may open users to MitM attacks. Mozilla officials say they’ll release a Firefox update on Tuesday that fixes the same cross-platform, malicious code-execution vulnerability patched FridayRead More →
Hackers Actively Scanning Drupal Sites for Vulnerability Patched in July
2016-09-16
Attackers looking for vulnerable Drupal 7.x sites. A security flaw patched on July 13 in core modules built into the Drupal CMS are being exploited in live attacks, according to JohannesRead More →
