Browsing category

Data Security

US banks attacked, manipulated and left (heart)bleeding

In April 2014 the cybersecurity world was rocked by the discovery of Heartbleed, the name given to a vulnerability found in one of the systems we use to securely communicate over the internet. At the time, as is often the case with new vulnerabilities, we had no handle on how widely it had been […]

KilerRat: Taking over where Njrat remote access trojan left off

This remote access trojan (RAT) has capabilities ranging from manipulating the registry to opening a reverse shell, and from stealing credentials stored in browsers to accessing the victim’s webcam. Through the Command & Control (CnC) server software, the attacker has capabilities to create and configure the malware to spread utilizing physical devices, such as USB drives, […]

Man Hacks Norwich International Airport Website for Passengers Safety

A hacker going by the handle of His Royal Gingerness (HRG) hacked into the official website of Norwich International Airport last month after sending several warning emails to the airport staff to fix a vulnerability on their site. In a YouTube video uploaded on 8th November 2015 the hacker explained everything about the hack, i.e. how […]

High-Risk SAP HANA Vulnerabilities Patched

Critical business applications such as SAP and Oracle ERP products process and store the Fortune 2000’s most critical data, yet spur relatively little concern when it comes to security vulnerabilities. That trend seems to be reversing itself, given the spate of disclosures and high-profile vulnerabilities that have been patched in the past year. Today, researchers […]

NSA claims it shares 91% of security flaws with its manufacturers

NSA discloses 91 percent of the zero-day bugs it finds in the online systems to its manufacturers while it keeps the 9 percent to itself. This information was disclosed to defend the agency’s bug disclosure policies, according to reports from Reuters. NSA has been heavily criticized since Snowden’s leaks and many questions have been posed to the […]

The Infernal-Twin tool, easy hacking wireless networks

The Infernal-Twin is an automated tool designed for penetration testing activities; it has been developed to assess wireless security by automating the Evil Twin Attack. “The tool was created to help the auditors and penetration testers […]

The Economist’s Ad-Blocker was Hacked, Delivered Malware to Windows Users

The Economist’s anti-ad blocking analytics service got hacked on 31st October (company officials didn’t disclose it until 5th November) and the exposed site made users download malware onto their systems. The Economist runs a service for publishers that provides statistics on the percentage of users reading their content with ad blocking services on their site. The […]

New Android Malware Surfaced, Only Way Out Throw Away Your Phone

Researchers at Lookout Security have found a Shuanet malware that masquerades as some of the most downloaded apps like Facebook, Twitter, and Snapchat. Android devices are always under attack, from IQ Testing App infecting millions of users worldwide to gaming apps like Candy Crush and Plants vs Zombies each and every one of them played their […]

Ransomware Found Targeting Linux Servers and Coding Repositories

Malware operators are taking aim at Web developers. A newly discovered ransomware is attacking Linux Web servers, taking aim at Web development environments used to host websites or code repositories. Russian antivirus maker Dr.Web came across this malware and said that the ransomware needs root privileges to work. Additionally, the company also says it does not […]

HIDDEN IN PLAIN SIGHT: BRUTE FORCING SLACK PRIVATE FILES

Last year we switched to using Slack for all our internal communication and it’s working out nicely. It’s very developer centric in that it offers integrations with lots of services like Travis CI, GitHub, etc. When we started using Slack one of our developers was sending a file, had his Developer console open and noticed […]

CIA Email Hackers Return With Major Law Enforcement Breach

HACKERS WHO BROKE into the personal email account of CIA Director John Brennan have struck again. This time the group, which goes by the name Crackas With Attitude, says it gained access to an even more important target—a portal for law enforcement that grants access to arrest records and other sensitive data, including what appears […]

Quick Q&A with the Author of Mabouia, First Mac OS X Ransomware

Rafael Salema Marques is a Brazilian cyber-security researcher and, above all, a devoted Mac user. Today, Mr. Marques published a LinkedIn blog post and proof-of-concept video on YouTube, detailing a fully functional Mac OS X ransomware piece that works just like its more dangerous Windows counterparts. But don’t panic, Mr. Marques did not release his […]

Top FBI lawyer: You win, we’ve given up on encryption backdoors

We’re your servants, says general counsel unconvincingly. After spending months pressuring tech companies to add backdoors into their encryption software, the FBI says it has given up on the idea. Speaking at a conference in Boston on Wednesday, the bureau’s general counsel James Baker even used the term that has been repeatedly used to undermine […]

Crypto e-mail service pays $6,000 ransom, gets taken out by DDoS anyway

Follow-on attacks show capabilities “commonly possessed by state-sponsored actors.” A provider of end-to-end encrypted e-mail said it paid a ransom of almost $6,000 to stop highly advanced denial-of-service attacks that knocked its networks, and the networks of some of its upstream providers, offline. In a blog post published Thursday, officials of Switzerland-based ProtonMail said they […]

UK cyber-spy law takes Snowden’s revelations of mass surveillance – and sets them in stone

IPB: The encryption-bothering parts of the UK’s Investigatory Powers Bill have left IT security experts flabbergasted. Introducing the draft internet surveillance law in the House of Commons on Wednesday, Home Secretary Theresa May presented it as consolidating and updating existing investigatory powers. She spun it as a break from measures in the ultimately unsuccessful […]

Teen Hackers Who Doxed CIA Chief Are Targeting More Government Officials

A cybersecurity expert once told me something I’ll never forget: “don’t underestimate what bored teenagers can do.” A group of teenagers that call themselves “Crackas With Attitude” reminded me of those words when they were able to hack into the personal AOL email account of CIA Director John Brennan. The teenagers, who described themselves as “stoners,” […]

Russian Banks Under Attack from Tinba Banking Botnet

Customers of Russia’s biggest banks are under attack. Dell SecureWorks has detected an ongoing campaign that is targeting users of several Russian banks and payment service providers. The cyber-criminals behind this affair are believed to be operating a large botnet that spreads the Tinba 2.0 banking trojan and aggregates financial information from its victims. Tinba is […]