ATMs (automated teller machines) have remained a preferred target of hackers around the world. Last year, ATMs in over a dozen locations across Europe were attacked. There was widespread hacking of ATMs across Taiwan, Thailand, and Pakistan whereas Bangladesh’s central bank experienced world’s largest digital heist when SWIFT system was attacked, and $81 million (£64.95 million) […]
The hack targets computers worldwide running on Microsoft Windows 2003 It exploits a known flaw in the servers, triggering a buffer overflow This allows hackers to remotely access the computer, and plant ransomware Experts have warned that a devastating global cyber attack is imminent. The hack, called ‘ExplodingCan’, targets computers running on Microsoft Windows […]
It’s more than a week since WannaCry ransomware started causing panic among the internet community. However, as time passes, more and more security researchers across the world are coming up with fixes for the WannaCry ransomware. Earlier, it was a researcher who accidentally created a kill switch for the ransomware. Now, another researcher named Adrien Guinet […]
Short Bytes: By combining a flaw in the working of SMB networking protocol and Windows .scf files, a security researcher has come up with a unique Windows hacking method. Just by accessing the folder with a specially crafted .scf file, a user will end up sharing the computer credentials via Chrome and SMB protocol. The […]
Internet users worldwide are now familiar with the WannaCry or WanaCrypt0r ransomware attack and how cybercriminals used it to infect cyber infrastructure of banking giants, hospitals, tech firms and sensitive installation in more than 90 countries. The users may also know that a British security researcher MalwareTechBlog accidentally discovered the kill switch of WanaCry by […]
Short Bytes: Security researcher from MalwareTech was able to halt the viral WanaCrypt0r ransomware while studying about the same. He registered an unregistered URL in the payload, and it turned out to be a kill switch to spread the malware. The URL might have been a command and control server or an intentional kill switch. Notably, WanaCrypt0r ransomware […]
Last year the Internet was taken down by cyber criminals through a massive Distributed Denial of Service Attack (DDoS) attack using the infamous Mirai malware. But last Friday afternoon, almost 99 countries including Russia, UK, USA and Australia became victims of a worldwide mass cyber-attack that has been reported to have caused major disruptions to […]
A Tool developed for searching malwares at openmalware.org by command line, allowing specific malware to be downloaded via shell. The tool was developed to facilitate and speed up the process of finding and downloading malware samples via the command line interface.” We’ve made use of the API provided by the two major malware dump sites […]
Malwaresearch is a command line tool to find malware on Openmalware.org, it was developed to facilitate and speed up the process of finding and downloading malware samples. The tool was developed to facilitate and speed up the process of finding and downloading malware samples via the command line interface. We’ve made use of the API provided by […]
Short Bytes: The researchers from Google Project Zero have revealed a remote code execution bug in Microsoft Windows. The attacker doesn’t require any software to take the advantage of the serious bug. Microsoft is expected to fix the bug on May 9 Patch Tuesday release, followed by a detailed report by the researchers. Update (May […]
IT security researchers at Trend Mirco demonstrated [PDF] how factory/industrial robots could be hacked and used for malicious purposes by threat actors – The demonstration centers around the security flaws in Internet of Things (IoT) devices and how they require emergency security implementations. The robots in question are manufactured by forums like ABB, Kawasaki, Fanuc and Yaskawa. T. The […]
There is an insane amount of industrial robots connected to the Internet, and even worse, thousands are left with no form of user authentication whatsoever, open to attack from anyone skilled enough to know how to sabotage their mode of operation. This is the sad conclusion of a new report published today by security researchers […]
A security researcher named “Michael Reizelman” privately disclosed a serious vulnerability in Flickr and earned a bounty of $7,000 in the process. A few days back, Michael spotted a critical flaw in the multimillion-image and video hosting website-Flickr through Yahoo’s HackerOne bug bounty program. Flickr uses token authentication system to keep the accounts safe, but according […]
I was recently invited to take part in some research by BBC Click, alongside Professor Alan Woodward, to analyse a device that had quite a lot of people all excited. With slick marketing, catchy tag lines and some pretty bold claims about their security, nomx claim to have cracked email security once and for all. […]
It’s a common perception that we’re kind of safe by setting up fingerprints scanners on our smartphones. After all, what are the chances that someone in the world has the same fingerprint, and will try to break into our smartphones, right? Well, things are about to change after the researchers from Michigan State University, and […]
Earlier this month, we teased a proof of concept for UEFI ransomware, which was presented at RSA Conference 2017. The HackingTeam, Snowden, Shadow Brokers, and Vault7 leaks have revealed that UEFI/BIOS implants aren’t just a theoretical concept, but have actually been weaponized by nation states to conduct cyber-espionage. Physical access requirements are a thing of […]
Windows Management Instrumentation (WMI) is a set of specifications from Microsoft for combining the management of devices and applications in a network from Windows computing systems. The Researcher named Christopher Truncer released a WMI based Agentless Post-Exploitation Remote Accessing Tool Developed in PowerShell on 23 March 2017 as mentioned in his blog post. Last year […]
WhatsApp and Telegram have patched their respective web clients against a common security flaw discovered by researchers from Israeli firm Check Point, a security issue that would have allowed an attacker to take over user accounts and spy on conversations or steal user account data. According to researchers, the entry point was an attacker’s ability […]
For many years, MAC Address Randomization was slated as the next big thing for protecting user privacy on the modern Internet. The standard, which works by deploying a new MAC address to a device in order to break down user tracking attempts, is still under development at the IEEE (Institute of Electrical and Electronics Engineers) […]
Delivered by “secure” Word doc, pure PowerShell malware fetches commands from DNS TXT records. Researchers at Cisco’s Talos threat research group are publishing research today on a targeted attack delivered by a malicious Microsoft Word document that goes to great lengths to conceal its operations. Based entirely on Windows PowerShell scripts, the remote access tool […]
Researcher Discover “A logic vulnerability” dubbed ReBreakCaptcha to bypassing Google’s reCAPTCHA fields which is using for prevent from robots and abusive scripts to access sites by using google’s Speech Recognition API. According to the Security Researcher , a bypass Technique called ReBreakCaptcha which is used for bypass Google’s ReCaptcha v2 anywhere on the web. The proof-of-concept […]