Vulnerabilities

A critical vulnerability affects Siemens smart meters

Siemens has just released a firmware update for the 7KT PAC1200 Siemens smart meters to fix a critical vulnerability that can be exploited by remote attackers to bypass authentication and perform administrative actions on the device. The […]

Apple Issues Emergency Patch to Fix Password Leak in Disk Encryption Utility

Apple rushed out an emergency patch Thursday that fixed an incredible bug in its shiny new High Sierra operating system that revealed APFS volume passwords via the password hint feature. Brazilian researcher Matheus Mariano of Leet Tech found the bug and privately disclosed it to Apple. He said that upon creation of an encrypted container in APFS—Apple’s […]

Using Binary Diffing to Discover Windows Kernel Memory Disclosure Bugs

Patch diffing is a common technique of comparing two binary builds of the same code – a known-vulnerable one and one containing a security fix. It is often used to determine the technical details behind ambiguously-worded bulletins, and to establish the root causes, attack vectors and potential variants of the vulnerabilities in question. The approach […]

CVE-2017-12617 Code Execution flaw patched in Apache Tomcat

Several security vulnerabilities have been patched in recent weeks in Apache Tomcat, including the CVE-2017-12617 Code Execution vulnerability. The list of fixed flaws recently addressed also included code execution vulnerabilities. Apache Tomcat is the most widely used web application server, with over one million downloads […]

New Network Security Standards Will Protect Internet’s Routing

Electronic messages traveling across the internet are under constant threat from data thieves, but new security standards created with the technical guidance of the National Institute of Standards and Technology (NIST) will reduce the risk of messages being intercepted or stolen. These standards address a security weakness that has been a part of the internet since […]

Password leak puts online radio stations at risk of hijack

Leaked admin accounts and passwords for radio stations allowed anyone to log in and hijack broadcasts. A password leak vulnerability in a popular broadcast platform could allow hackers to hijack online radio stations. The security flaw allows anyone to reveal the plaintext admin account and password for almost any radio station hosted on SoniXCast, a New […]

Macs Not Receiving EFI Firmware Security Updates as Expected

Since the Thunderstrike bootkit attacks targeting Apple firmware were disclosed in 2015, Apple has bundled subsequent EFI updates with its regular macOS security and software updates in an attempt to improve protection around its hardware. Researchers at Duo Security, however, have uncovered that many of those updates are incomplete, and fleets of Macs running in enterprises worldwide may be […]

Exploiting The Wi-Fi Stack on Apple Devices

Earlier this year we performed research into Broadcom’s Wi-Fi stack. Due to the ubiquity of Broadcom’s stack, we chose to conduct our prior research through the lens of one affected family of products — the Android ecosystem. To paint a more complete picture of the state of Wi-Fi security in the mobile ecosystem, we’ve chosen […]

FIN7 Group Uses JavaScript and Stealer DLL Variant in New Attacks

Throughout this blog post we will be detailing a newly discovered RTF document family that is being leveraged by the FIN7 group (also known as the Carbanak gang) which is a financially-motivated group targeting the financial, hospitality, and medical industries. This document is used in phishing campaigns to execute a series of scripting languages containing […]

Internet Explorer Bug Leaks What Users Type in the URL Address Bar

Microsoft’s Internet Explorer browser is affected by a serious bug that allows rogue sites to detect what the user is typing in his URL address bar. This includes new URLs the user might be navigating to, but also search terms that IE automatically handles via a Bing search. Users copy-pasting URLs for Intranet pages […]

Another Banking Trojan Adds Support for NSA’s EternalBlue Exploit

A third banking trojan has added support for EternalBlue, an exploit supposedly created by the NSA, leaked online by the Shadow Brokers, and the main driving force behind the WannaCry and NotPetya ransomware outbreaks. The first banking trojans to do so were Emotet and TrickBot, back in July this year. These two banking trojans used heavy […]

Experts spotted a login page flaw in Joomla that exposes admin credentials

Researchers at RIPS Technologies discovered a login page vulnerability affecting Joomla versions between 1.5 and 3.7.5 that exposes admin credentials. The flaw affects Joomla installs when using Lightweight Directory Access Protocol (LDAP) authentication. Joomla implements LDAP access via TCP/IP […]

ISP Involvement Suspected in the Distribution of FinFisher Spyware

Security researchers have tracked a malware distribution campaign spreading the FinFisher spyware — also known as FinSpy — to the infrastructure of Internet Service Providers (ISPs) in at least two countries. Researchers suspect that ISPs used their ability to control user traffic and redirect users attempting to download certain software to a different link offering […]

Attackers Take Over WordPress, Joomla, JBoss Servers to Mine Monero

Attacks aimed at delivering cryptocurrency mining tools on enterprise networks have gone up as much as six times, according to telemetry data collected by IBM’s X-Force team between January and August 2017. A recent report by fellow cyber-security firm Kaspersky found that cryptocurrency mining malware also infected over 1.65 million machines running Kaspersky solutions in the first […]

SEC Says Hackers Breached Its System, Might Have Used Stolen Data for Insider Trading

Yesterday, the US Securities and Exchange Commission (SEC) — the US government agency that regulates the financial sector — admitted in a statement that hackers breached one of its systems. According to SEC Chairman Jay Clayton, hackers infiltrated the SEC’s EDGAR (Electronic Data Gathering, Analysis, and Retrieval) system, a database holding information on official company filings, future […]

Attackers Can Use HVAC Systems to Control Malware on Air-Gapped Networks

Heating, ventilation, and air conditioning (HVAC) systems can be used as a means to bridge air-gapped networks with the outside world, allowing remote attackers to send commands to malware placed inside a target’s isolated network. This type of attack scenario — codenamed HVACKer by its creators — relies on custom-built malware that is capable of […]