A second US man has pleaded guilty to stealing intimate pictures of celebrities using a phishing scam. Edward Majerczyk, 28, who resides in Chicago and Orland Park, Illinois, was chargedRead More →
Yingmob supposedly controls over 85 million Android devices. A Chinese advertising company is responsible for two of the biggest waves of malware for both the Android and iOS ecosystems, a recentRead More →
Popular Android Keyboard App with 50 million downloads is spying on you. A popular Android keyboard app called Flash Keyboard was found by a UK-based cyber-security firm, Pentest to be askingRead More →
RansomNoteCleaner Windows app cleans up the ransom note spam left behind after removing a ransomware infection. Security researcher Michael Gillespie, one of the people responsible for creating several free ransomwareRead More →
Talos have observed a large uptick in the Zepto ransomware and have identified a method of distribution for the Zepto ransomware, Spam Email. Locky/Zepto continue to be well known ransomwareRead More →
It all started from a spam campaign. Figure 1 shows a campaign we picked up recently from our spam traps with a suspicious document file attachment. Notice how poor theRead More →
Is it a bug or is it a backdoor? Lenovo, and possibly other PC vendors, is exposed to a UEFI bug that can be exploited to disable firmware write-protection. If theRead More →
The Federal Investigation Agency in Pakistan is investigating a Chinese organization that is specialized in attacking ATM machines by using skimmer devices. A few days ago I reported the storyRead More →
Threat actors are known to switch targeted geographies from time to time, and it appears that a number have set their sights on Canada within a short time-frame. In theRead More →
Company also doesn’t support encryption backdoors. Via a statement from Steve Grobman, Chief Technology Officer for Intel Security, Intel has denied claims made by hardware security expert Damien Zammit, who detailedRead More →
When it comes to accessing public websites, Tor has an intrinsic security problem: though the nodes between your computer and the public internet are unable to see where the trafficRead More →
Before discovering my latest Magento RCE, I’ve found two different vulnerabilities, both resulting in the complete compromise of customer data and/or the server. As they are far less complicated, I’mRead More →
Unlike Apple’s iOS, Android is vulnerable to several key-extraction techniques. Privacy advocates take note: Android’s full-disk encryption just got dramatically easier to defeat on devices that use chips from semiconductor makerRead More →
The two zero-days were fixed in the summer of 2015.Project Zero researchers revealed this week that they helped Microsoft patch 16 security issues relating to how font processing operations areRead More →
Foxit patched a dozen vulnerabilities in its PDF reader software this week, more than half of which could allow an attacker to directly execute arbitrary code on vulnerable installations ofRead More →
mraptor is a simple tool designed to detect malicious VBA macros in MS Office files, based on characteristics of the VBA code. This article explains how it works, and howRead More →
A new ransomware called Satana was discovered by Malwarebytes security researcher S!Ri that packs a 2 in one punch. When installed, the Santana Ransomware will encrypt your files using a standard file crypter and then alsoRead More →
In April 2016, while investigating a Smishing campaign dubbed RuMMS that involved the targeting of Android users in Russia, we also noticed three similar Smishing campaigns reportedly spreading inDenmark (FebruaryRead More →
On June 29th, Cheetah Mobile Security Research Lab issued warnings against a newly found mobile phone trojan family, which has been dubbed “Hummer.” During the first half of 2016, theRead More →
Thomson Reuters ‘working furiously’ to secure 2.2 million sensitive records. The terrorist database used by global banks and intelligence agencies World-Check has reportedly leaked online. The mid-2014 version of the databaseRead More →
