Connected car hacking: Who’s to blame?
2017-01-09
I’ve just about recovered from the sensory overload that is CES to gather my thoughts from what was another fascinating event. This blog, on connected car hacking, is the firstRead More →
Google plugs severe Android vulnerability that exposed devices to spying
2017-01-09
Bootmode exploit gave attackers ability to hack modem, eavesdrop on calls. Google has shut down a “high-severity” exploit in its Nexus 6 and 6P phones which gave attackers with USBRead More →
WordPress, Joomla, and Magento Continue to Be the Most Hacked CMSs
2017-01-09
Based on statistical data gathered by Sucuri from 7,937 compromised websites, WordPress, Joomla, and Magento, in this order, continued to be the most hacked CMS platforms in the third quarterRead More →
Crooks Cold-Calling UK Schools and Tricking Staff Into Installing Ransomware
2017-01-09
The “ActionFraud” UK National Fraud & Cyber Crime Reporting Center has issued an alert this week to UK educational institutes, warning against cyber-criminals cold-calling British schools and tricking staffers intoRead More →
Iranian Group OilRig is back and delivers digitally signed malware
2017-01-09
ClearSky Security discovered a new campaign conducted by the Iranian OilRig APT leveraging digitally signed malware and fake University of Oxford domains. The OilRig hacker group is an Iran-linked APT that has been aroundRead More →
Verizon Again Having Second Thoughts on Yahoo Deal After 1 Billion Account Hack
2017-01-07
Executives still looking into the deal, it seems. Verizon is once again unsure whether to complete the takeover of Yahoo or not, after the company recently acknowledged a 2013 hackRead More →
China-Linked DragonOK APT Group continues updating tools and tactics
2017-01-07
The China-linked DragonOK continues updating tools and tactics and targeted entities in various countries, including Russia and Tibet. It was September 2014, when security researchers at FireEye spotted for the firstRead More →
A fake Super Mario Run for Android is serving the Marcher Banking Trojan
2017-01-07
Zscaler experts have found in the wild a fake version of the Super Mario Run Android App that could install the Android Marcher banking trojan. Bad news for mobile gamers,Read More →
Analyzing a variant of the GM Bot Android malware
2017-01-07
My friends at CyberBlog decided to analyze the GM Bot Android Malware as exercise aiming to receive feedback sand suggestions from the security community. The sample explored is confirmed as a variantRead More →
Browser Autofill Profiles Can Be Abused for Phishing Attacks
2017-01-07
Browser autofill profiles are a reliable phishing vector that allow attackers to collect information from users via hidden fields, which the browser automatically fills with preset personal information and whichRead More →
