Lurk Banker Trojan: Exclusively for Russia
2016-06-13
One piece of advice that often appears in closed message boards used by Russian cybercriminals is “Don’t work with RU”. This is a kind of instruction given by more experiencedRead More →
ASUS UEFI Update Driver Physical Memory Read/Write
2016-06-13
A short while ago, slipstream/RoL dropped an exploit for the ASUS memory mapping driver (ASMMAP/ASMMAP64) which was vulnerable to complete physical memory access (read/write) to unprivileged users, allowing for localRead More →
NSA Looking to Exploit Internet of Things, Including Biomedical Devices, Official Says
2016-06-13
THE NATIONAL SECURITY AGENCY is researching opportunities to collect foreign intelligence — including the possibility of exploiting internet-connected biomedical devices like pacemakers, according to a senior official. “We’re looking atRead More →
Hacker puts 51 million file sharing accounts for sale on dark web
2016-06-13
The recently-defunct company was once the third-largest music and video file sharing service in the US. Users accounts for iMesh, a now defunct file sharing service, are for sale onRead More →
Hackers Find Clever Way to Bypass Google’s Two-Factor Authentication
2016-06-13
Attackers take social engineering to a totally new level. There’s a sneaky new trick going around that can fool some people into divulging their two-factor authentication code to crooks, while thinkingRead More →
Bolek Banking Trojan, a Carberp Successor is spreading in the wild
2016-06-11
The Bolek banking Trojan is one of the successors of the notorious Carberp Trojan that targets both 32-bit and 64-bit Windows systems. When the source code of the Carberp Trojan wasRead More →
Visual Studio 2015 Secretly Inserts Telemetry Code Into C++ Binaries
2016-06-11
Microsoft says it’s for debugging, not spying. Internet users have pulled out the pitchforks and are once again at odds with Microsoft regarding telemetry data, but this time around it’s becauseRead More →
How to Hack Wi-Fi: Cracking WPA2-PSK Passwords Using Aircrack-Ng
2016-06-11
When Wi-Fi was first developed in the late 1990s, Wired Equivalent Privacy was created to give wireless communications confidentiality. WEP, as it became known, proved terribly flawed and easily cracked.Read More →
NSA Couldn’t Hack San Bernardino iPhone, Official Says
2016-06-11
When the FBI was trying to break into the San Bernardino shooter’s iPhone, many assumed that the NSA would have the technical capability to do so. Turns out, one ofRead More →
RIP ROP: Intel’s cunning plot to kill stack-hopping exploits at CPU level
2016-06-10
How Chipzilla and Microsoft hope to get one step ahead of hackers. Intel is pushing a neat technique that could block malware infections on computers at the processor level. That’s theRead More →
Zendesk chief’s Twitter account hacked
2016-06-10
The chief executive of tech support firm Zendesk has become the latest high-profile figure to have his Twitter account hacked. Mikkel Svane’s hijacked account had its ID image changed toRead More →
Necurs Botnet Goes Down, Shutting Off Dridex and Locky Spam
2016-06-10
All Necurs activity stopped on June 1, down ever since. The Necurs botnet, the largest malware distribution botnet known today, seems to be facing some technical problems, and the direct consequenceRead More →
More corporate shared folders in cloud filled with malware, research finds
2016-06-10
In related studies: Ice is cold; fire still hot. Internet file sharing has long been a prime route for malware to spread. The situation is one of the reasons (aside fromRead More →
How a Bad UI Decision from Microsoft Helped Macro Malware Make a Comeback
2016-06-10
US-CERT warns about a rise in macro malware. Following numerous reports from various security firms about a large number of malware that uses macro scripts in Office documents to spread, theRead More →
Zcrypt Expands Reach as ‘Virus Ransomware’
2016-06-09
Intel Security has recently seen a new kind of ransomware–Zcrypt—that can self-replicate. This “virus ransomware” arrives via email in a malicious attachment or by usurping an Adobe Flash Player installation.Read More →
A crafted PDF document can hack your Chrome PDF reader, Update Chrome now!
2016-06-09
is the default PDF reader that is included in the Google Chrome web browser. Talos has identified an exploitable heap buffer overflow vulnerability in the Pdfium PDF reader. By simplyRead More →
Ransomware Leaves Server Credentials in its Code
2016-06-09
While SNSLocker isn’t a stand-out crypto-ransomware in terms of routine or interface, its coarse and bland façade hid quite a surprise. After looking closer at its code, we discovered thatRead More →
Hacking Satellites … Look Up to the Sky
2016-06-09
Introduction Satellites have assumed a crucial role in our contemporary society; they are used in both private and public sectors for numerous purposes, from communication to research. Unfortunately, with theRead More →
Twitter Hacked, Hacker selling 32 million Twitter passwords on Dark Web
2016-06-09
Passwords for 32 Million Twitter accounts may have been hacked and leaked. After the mega hacks of last month, it is now time for Twitter. But there is a twistRead More →
HOWTO: Port Forwards through a SOCKS proxy
2016-06-08
Recently, I’ve had multiple people ask about port forwards with Cobalt Strike’s Beacon payload. Beacon has had SOCKS proxy pivoting support since June 2013. This feature opens a SOCKS proxy serverRead More →
