Double-click me not: Malicious proxy settings in OLE Embedded Script

Attackers have been using social engineering to avoid the increasing costs of exploitation due to the significant hardening and exploit mitigations investments in Windows. Tricking a user into running a malicious file or malware can be cheaper for an attacker than building an exploit which works on Windows 10. In our previous blog, Where’s the […]

Risk From Linux Kernel Hidden in Windows 10 Exposed at Black Hat

LAS VEGAS–Microsoft’s Windows 10 includes many innovative security features that are intended to help minimize risk and improve user experience. One such feature is Credential Guard, which aims to protect users against attacks. However, according to security firm Bromium, many risks remain.In a video interview with eWEEK ahead of a session on Aug. 4 at […]

Is Hidden Linux Subsystem In Windows 10 Making Your PC Unsafe?

Short Bytes: A security researcher has claimed that the newly-introduced Linux subsystem in Windows 10 could prove to be a risky affair by acting as a new attack layer. As this port of Ubuntu doesn’t run inside a Hyper-V hypervisor, the researcher claims that any malicious code injection in Linux applications can affect all files and […]

Foolishly Open-Sourced Internet Explorer Exploit Code Added to Neutrino EK

Neutrino EK now features support for CVE-2016-0189. The crooks behind the Neutrino Exploit Kit (EK) didn’t wait long to update their automated malware infection technology with exploit code foolishly open-sourced by a security startup on GitHub. Back in May, Microsoft announced it patched a vulnerability (CVE-2016-0189) in the Internet Explorer scripting engine that was affecting Internet […]

Voice Commands Hidden In YouTube Videos Can Hack Your Smartphone

Short Bytes: A combined research has been conducted by UC Berkeley and Georgetown University to demonstrate how distorted voice commands hidden in YouTube videos can be used to attack a smartphone. The research shows that certain harmful commands that can be understood by our voice assistants can be hidden inside a YouTube video. Speech recognition systems […]

Hidden Voice Commands Embedded in YouTube Videos Can Hijack Your Smartphone

Some attacks are hard to spot even by human subjects. A series of distorted voice commands surreptitiously hidden in YouTube videos can force unprotected Android or iOS smartphones to carry out malicious operations, researchers have discovered. Controlling smartphones with voice commands was already done last year when two security researchers from French agency ANSSI have used […]

How To Play Facebook Messenger’s New And Hidden Football Game

Short Bytes: Thanks to Euro 2016 season, Facebook has rolled out a new easter egg in the form of Messenger Football. All you need to do is send a football emoji to your friend and tap on it in the chat to start playing. It’s time to waste some time again as there’s a new […]

Crouching Tiger, Hidden DNS

An interesting DNS hijack that sets the victim’s computer to use specific DNS servers has emerged. Here are the key details of this intriguing threat.

“Forbidden attack” makes dozens of HTTPS Visa sites vulnerable to tampering

Researchers say 70,000 servers belonging to others also at risk. Dozens of HTTPS-protected websites belonging to financial services giant Visa are vulnerable to attacks that allow hackers to inject malicious code and forged content into the browsers of visitors, an international team of researchers has found. In all, 184 servers—some belonging to German stock exchange Deutsche […]

Detecting Hidden Backdoors in PHP OPcache

In this article, we will be looking at the strategies to detect and analyze malware hidden inside an OPcache file. If you haven’t read our previous article about hiding a binary webshell inside a PHP7 OPcache file, we suggest reading it before moving on. Scenario With the exploitation technique used in our last article, it […]

Viber adds end-to-end encryption and hidden chats as messaging app privacy wave grows

Following WhatsApp’s move to add end-to-end encryption to its platform, another big messaging company is joining the wave of apps turning on expanded privacy features.Viber — a messaging app with 711 million+ users — today is introducing end-to-end encryption for all messages and calls on its platform, including group chats (you can chat with up to 200 people), and a […]

Photos Show How NSA Implants Trojan In Routers For Hidden Access And Spying

ShortBytes: In a recent find out, it has been revealed how NSA implants trojan firmware in the networking devices being delivered to the targeted customers. You can also read an interesting description from an NSA manager about how it works. Ahoarded document which was fetched from the National Security Agency files released with Glenn Greenwald’s […]

PNG Embedded – Malicious payload hidden in a PNG file

One of the most complex tasks for the cybercriminals is to ensure their malicious code goes undetected by antivirus and achieves its goal. For this, they have invested a lot on more complex infection processes, going beyond the traditional phishing and using techniques where the malicious payload is hidden in encrypted files – even using […]

Developer Survey: Java Developers Are The Saddest And C++ Programmers Are The Oldest

Short Bytes: The stereotypes associated with programmers are countless. To study them, using Microsoft’s Face API, Trestle Technology has performed a survey that tells some interesting results like — C++ programmers are the oldest, Swift programmers are beardy hipsters, and Java programmers are the saddest. If we talk about the existing stereotypes in the programming world, you […]

Whole lotta onions: Number of Tor hidden sites spikes—along with paranoia

What’s driving the surge in hidden services—is it government tampering? In recent weeks, the number of “hidden services”—usually Web servers and other Internet services accessible by a “.onion” address on the Tor anonymizing network—has risen dramatically. After experiencing an earlier spike in February, the number of hidden services tracked by Tor spiked to 114,000 onion addresses […]

Are Hackers Keeping a Hidden Stash on Your HP Printer’s Hard Drive?

Unprotected HP printer HDDs can be abused if not protected. Security researcher Chris Vickery has discovered that HP LaserJet printers may be abused as an anonymous data storage unit by malicious actors, thanks mainly to a default setting that sets up an FTP server via port 9100. The feature in question has its place in HP’s […]

Media devices sold to feds have hidden backdoor with sniffing functions

Highly privileged account could be used to hack customers’ networks, researchers warn. A company that supplies audio-visual and building control equipment to the US Army, the White House, and other security-conscious organizations built a deliberately concealed backdoor into dozens of its products that could possibly be used to hack or spy on users, security researchers […]

How To Unlock Google Maps’ New Hidden Driving Mode 

Short Bytes: Call it a bug or an updated feature of the Google maps, now with the updated version of Google maps, without entering the destination, Google maps will suggest you things like nearby hotels, gas stations etc. This feature has not been released publicly but it is expected to come to your mobile soon. […]

Unlock Netflix’s hidden categories with these secret codes

Here’s a trick that’s been around for a while but may have passed you by: secret category codes added by Netflix engineers that can help you narrow down your on-demand video choices. From classic war movies to Brazilian dramas, here’s how to dig deeper into the Netflix library. Whenever you dive into a genre on […]

How to Hack TOR Hidden Services

A lot of people think that TOR services are unhackable because they are on a “secure environment”, but the truth is that those services are exactly the same that run on any normal server, and can be hacked with the same tools (metasploit,hydra,sqlmap…), the only thing you have to do is launch a transparent proxy […]