Browsing category

Incidents

TV5Monde was saved from airtime-KO hack by unplugging infected box

France’s TV5Monde came “within hours” of being destroyed by hackers, according to the station’s boss. TV5Monde was taken off air for hours in April 2015. The interruption might have lasted longer but for the intervention of a techie who pulled the plug on a compromised system that was spreading malware, Yves Bigot, the director-general […]

Breaking the Microsoft JEA technology to hack a system

The security researcher Matt Weeks discovered a way to abuse the Microsoft Just Enough Administration (JEA) technology to escalate user profiles. Just Enough Administration, aka JEA, is a Microsoft technology that enables delegated administration for carrying out tasks with PowerShell. With JEA in place, it is possible to properly configure a role for administrators giving […]

The Yahoo spying scandal shows us exactly why we need encryption

On Tuesday we found out internet giant Yahoo has been playing flunky for the FBI and NSA, helping the feds spy on hundreds of millions of Yahoo email users. A Reuters investigation revealed the company built special software at the government’s request that scanned all incoming emails looking for key words and phrases. If that […]

London cops charge ATM malware hacker

London Police have continued to bag and tag criminals who installed malware in ATMs across the city, with the extradition of a Romanian man to the UK last week. Emanual Leahu was charged with conspiracy to defraud as part of a gang that stole some £1.5 million from ATMs across London in 2014. Gang members […]

New Mac attack can secretly monitor your webcam, microphone

A new app aims to prevent malware from recording video calls. In recent years we’ve seen malware that targets webcams and microphones in an effort to secretly record what a person says and does. Even the NSA has developed code that remotely switches on a person’s webcam. But things are different when it comes to Mac […]

US Government Arrests NSA Contractor Accused of Stealing Classified Data

Contractor accused of stealing NSA hard-copy & digital files. US authorities have arrested a Maryland man, a former NSA contractor, under charges of removal of classified documents and theft of government property, the US Department of Justice (DoJ) announced today. The man’s name is Harold Thomas Martin III, age 51, of Glen Burnie, Maryland, and authorities […]

WordPress Hack Modifies Core Files to Share Spam

One of the worst feelings a website owner can experience is discovering that your site has been hacked. Without proper security measures in place, even website owners with the best intentions can lose control of their website. When hackers gain access to your site, they can use it to host phishing content, distribute malware, steal sensitive […]

Trump Calls For ‘Crippling’ Cyberwar Attack Capabilities

DONALD TRUMP HAS made no secret of his “bomb the s&*$t out of them” approach to foreign conflict. But when it comes to America’s digital security, his prescriptions have mostly been limited to vague calls to “get tough on cyber” and invitations to Russians to hack Hillary Clinton’s email. Today, however, Trump got a bit more specific about the digital […]

Peace_of_Mind hacked the hacking forum w0rm_ws and doxed its alleged owner

The notorious hacker Peace_of_Mind has hacked and defaced the official hacking and trading forum w0rm.ws and doxed its alleged owners. ‘Peace_of_Mind’ (PoM) is a very active actor in The Real Deal Market and The Hell black markets; he offered for sale the dumps from high-profile data breaches, including Yahoo, LinkedIn and MySpace. w0rm.ws is a famous hacking platform; it is an ‘invite only’ hacking […]

Hack Crashes Linux Distros With 48 Characters of Code

With just a mere 48 characters of code, Linux admin and SSLMate founder Andrew Ayer has figured out how to crash major Linux distributions by locally exploiting a flaw in systemd. Ayer said the following command, when run as any user, will crash systemd: “NOTIFY_SOCKET=/run/systemd/notify systemd-notify” Systemd is an essential part of the boot process for most […]

South Korea’s Military Cyber Command Suffers Embarrassing Hack

For now, nobody’s pointing fingers at North Korea. An unknown attacker hacked South Korea’s military cyber command center last month, state officials told local media outlet Yonhap News. Government officials said the attacker found and exploited a security flaw in a central router called the “vaccine routing server.” Ironically, as the server’s name hints, […]

Source Code for IoT Botnet ‘Mirai’ Released

The source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released, virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable […]

‘Money Mule’ Gangs Turn to Bitcoin ATMs

Fraudsters who hack corporate bank accounts typically launder stolen funds by making deposits from the hacked company into accounts owned by “money mules,” willing or unwitting dupes recruited through work-at-home job scams. The mules usually are then asked to withdraw the funds in cash and wire the money to the scammers. Increasingly, however, the mules are being […]

Russian hackers spy on Citizen Journalists investigating Flight MH17 Crash

Researchers at the Bellingcat agency have been hit with spear phishing attacks and account takeover attempts while investigating the flight MH17 crash. Once again cyber security experts warn of a new hacking campaign, this time targeting Citizen Journalists reporting on the crash of Malaysian Airlines flight MH17. According to the intelligence firm […]

Record-breaking DDoS reportedly delivered by >145k hacked cameras

Once unthinkable, 1 terabit attacks may soon be the new normal. Last week, security news site KrebsOnSecurity went dark for more than 24 hours following what was believed to be a record 620 gigabit-per-second denial of service attack brought on by an ensemble of routers, security cameras, or other so-called Internet of Things devices. Now, there’s […]

Unlock92 Ransomware Is the Quiet Threat That Nobody Heard About

Unlock92 infections going under the radar. A ransomware variant that appeared in early July this year and was initially cracked and decrypted has quietly resurfaced in mid-August and has been spamming users ever since, with a determination seen only in the market’s top ransomware families. Known as Unlock92, this ransomware was in the media’s attention […]

150,000 IoT Devices behind the 1Tbps DDoS attack on OVH

The hosting provider OVH continues to face massive DDoS attacks launched by a botnet composed of at least 150,000 IoT devices. Last week, the hosting provider OVH faced a 1Tbps DDoS attack, likely the largest one ever seen. The OVH founder and CTO Octave Klaba reported the 1Tbps DDoS attack on Twitter, sharing an image that lists the […]

New PonyForx Infostealer Malware Sold on Russian Hacking Forums

PonyForx is a fork of the more popular Pony infostealer. A crook named Cronbot is currently selling a new malware variant on Russian underground hacking forums that appears to be a successful fork of an older and very advanced infostealer called Pony. Named Fox but currently identified by researchers as PonyForx or Fox Stealer, this […]