Keyloggers have always been present in attackers’ toolkits. They give attackers the power to record every keystroke from a victim’s machine and steal sensitive information. Zscaler ThreatLabZ recently came acrossRead More →
Facebook quickly resolved a vulnerability in its Business Manager tool late last month that could have let an attacker take over any Facebook page. Arun Sureshkumar, a security researcher in India, disclosed theRead More →
Two researchers have analyzed images Exif metadata included in the photos used by crooks to advertise their products on black marketplaces in the dark web. Darknets are a privileged environmentRead More →
Very few have write access enabled, though. A recent brute-force scan of FTP servers available online via an IPv4 address revealed that 796,578 boxes can be accessed without the needRead More →
Cisco revealed the existence of another zero-day vulnerability, tracked as CVE-2016-6415, in the Equation Group archive leaked by the Shadow Broker hackers. This summer a group of hackers known as ShadowRead More →
This blog is the first in a 3 part series that will provide an in-depth technical analysis on the H1N1 malware. I’ll be looking at how H1N1 has evolved, its obfuscation,Read More →
HDDCryptor, sometimes spelled HDD Cryptor and also identified as Mamba, is a new ransomware variant that rewrites a computer’s MBR (Master Boot Record) boot sectors and locks users out ofRead More →
Scammers will always try and imitate legitimate tools and services in an effort to trick people into harming their accounts and devices. If it isn’t fake logins, it’s dubious linksRead More →
A researcher has demonstrated that the NAND mirroring technique was able to bypass the passcode retry limitations on the San Bernardino shooter’s iPhone. The battle between the FBI and Apple for unlockingRead More →
Author says he’s not interested in launching DDoS attacks. Two weeks ago, a security researcher that goes by the name of MalwareMustDie had come across a new Linux trojan that accordingRead More →
Makers of the mobile encrypted chat app Signal say they have fixed vulnerabilities in the Android version of the messaging app that allowed attackers to corrupt encrypted attachments and remotely crash the application.Read More →
Weakness in certificate pinning protections may open users to MitM attacks. Mozilla officials say they’ll release a Firefox update on Tuesday that fixes the same cross-platform, malicious code-execution vulnerability patched FridayRead More →
Attackers looking for vulnerable Drupal 7.x sites. A security flaw patched on July 13 in core modules built into the Drupal CMS are being exploited in live attacks, according to JohannesRead More →
Safe Mode proves to be a valuable tool for hackers.Research published by CyberArk, a US cyber-security vendor, reveals various attack scenarios that leverage Windows Safe Mode to carry out maliciousRead More →
A Dutch Computer Science student discovered the presence of a backdoor that could allow an attacker to silently install any app on Xiaomi phones. A Dutch Computer Science student, Thijs Broenink,Read More →
A Brazilian Infosec research group, Morphus Labs, just discovered a new Full Disk Encryption (FDE) Ransomware this week, dubbed Mamba. Mamba, as they named it, uses a disk-level encryption strategyRead More →
Research published last week by the Cyber-Security Research Center at the Ben-Gurion University of the Negev in Israel reveals that it only takes about 6,000 smartphones infected with malware toRead More →
During the past few weeks there has been an increase in malvertising attacks, for example via a series of compromises of open source Revive ad servers which is still continuing. What’s interesting toRead More →
The Shark Ransomware Project that appeared in July 2016 has rebranded as the Atom Ransomware Affiliate Program, offering an improved service for crooks that want to start a life inRead More →
“The French Underground: Under a Shroud of Extreme Caution”, another interesting report published by Trend Micro on illegal activities in the Dark Web. The dark web is a privileged place whereRead More →
