News


  • Hacking group returns, switches attacks from ransomware to trojan malware

    November 16, 2018

    A prolific hacking group has returned with a new campaign which looks to deliver a new remote access trojan (RAT) to victims in order to create a backdoor into PCs to steal credentials and banking information. The campaign is suspected to be the work of TA505, a well-resourced hacking group which has been active since at least 2014. ...

  • Russian Banks Under Phishing Attack

    November 16, 2018

    Banks in Russia today were the target of a massive phishing campaign that aimed to deliver a tool used by the Silence group of hackers. The group is believed to have a background in legitimate infosec activities and access to documentation specific to the financial sector. The fraudulent emails purported to come from the Central Bank of Russia (CBR) ...

  • 0-Days Found in iPhone X, Samsung Galaxy S9, Xiaomi Mi6 Phones

    November 15, 2018

    At Pwn2Own 2018 mobile hacking competition held in Tokyo on November 13-14, white hat hackers once again demonstrated that even the fully patched smartphones running the latest version of software from popular smartphone manufacturers can be hacked. Three major flagship smartphones—iPhone X, Samsung Galaxy S9, and Xiaomi Mi6—were among the devices that successfully got hacked at ...

  • Siemens Patches Firewall Flaw That Put Operations at Risk

    November 14, 2018

    The industrial company on Tuesday released mitigations for eight vulnerabilities overall. Siemens AG on Tuesday issued a slew of fixes addressing eight vulnerabilities spanning its industrial product lines. The most serious of the patched flaws include a cross-site scripting vulnerability in Siemens’ SCALANCE firewall product. The flaw could allow an attacker to gain unauthorized access to ...

  • The US Office of Personnel Management Systems Are Still Insecure

    November 14, 2018

    The security posture of the Office of Personnel Management has improved drastically and by the end of the year, the agency is on track to meeting almost all recommendations the US Government Accountability Office (GAO) made over the past two years. Full compliance is expected by the end of 2019. GAO carried out between February 2015 ...

  • State-Sponsored Actors Focus Attacks on Asia

    November 14, 2018

    Southeast Asia is the most actively attacked region, accordingly to Cyber Security firm, Group-IB. Their annual Hi-Tech Crime Trends Report 2018 advises, “In just one year, 21 state-sponsored groups were detected in this area, which is more than in the United States and Europe.” Although, not only state-sponsored groups are focusing their attention on this ...

  • 7 New Meltdown and Spectre-type CPU Flaws Affect Intel, AMD, ARM CPUs

    November 14, 2018

    Disclosed earlier this year, potentially dangerous Meltdown and Spectre vulnerabilities that affected a large family of modern processors proven that speculative execution attacks can be exploited in a trivial way to access highly sensitive information. Since then, several more variants of speculative execution attacks have been discovered, including Spectre-NG, SpectreRSB, Spectre 1.1, Spectre1.2, TLBleed, Lazy FP, NetSpectre and Foreshadow, patches for which were released ...

  • Devastating Cyberattack Shakes Up Pakistan’s Financial Sector

    November 14, 2018

    According to PakCERT’s Qazi Misbah, 22 banks in the country were subject to a catastrophic cyber attack on October 27th of this year. 19,864 accounts with client banking data were hit, with some victims saying that funds were stolen. Amongst the many targets was the former Chief Scientist of Khan Research Laboratories, who says that Rs3 ...

  • October 2018’s Most Wanted Malware: For The First Time, Remote Access Trojan Reaches Top 10 Threats

    November 13, 2018

    For the first time, Check Point threat intelligence researchers found that a remote access Trojan (RAT) has reached the Global Threat Index’s Top 10.  Dubbed “FlawedAmmyy”, this type of attack allows attackers to remotely control the victim’s machine– gaining full access to the machine’s camera and microphone, collecting screen grabs, stealing credentials and sensitive files, ...

  • Microsoft patches Windows zero-day used by multiple cyber-espionage groups

    November 13, 2018

    Microsoft released today its monthly roll-up of security patches known as Patch Tuesday. This month, the Redmond-based company has fixed 62 security flaws. Among the 62 fixes, there is also a fix for a zero-day vulnerability that was under active exploitation before today’s patches were made available. The zero-day, tracked as CVE-2018-8589, impacts the Windows Win32k component. Microsoft ...

  • Using Machine Learning to Cluster Malicious Network Flows From Gh0st RAT Variants

    November 13, 2018

    Cybercriminals have become more and more creative and efficient in their efforts to successfully bypass network security. Reports of unauthorized network intrusions that have compromised enterprise security, resources, and data, plague experts on a day-to-day basis, and will continue to do so if not prevented by a more efficient detection system or method. Currently, attackers use polymorphism, ...

  • Cathay Pacific hack: Airline admits techies fought off cyber-siege for months

    November 12, 2018

    Fresh from belatedly admitting that 9.4 million passengers’ personal data was stolen by hackers, Hong Kong airline Cathay Pacific has now admitted that it was under attack for three solid months before it took half a year to tell anyone. In its initial public statement on the hack, which saw names, nationalities, dates of birth, addresses, ...

  • EUROPOL: Internet Organised Crime Threat Assessment 2018

    November 12, 2018

    It is my pleasure to introduce the 2018 Internet Organised Crime Threat Assessment (IOCTA), not only as it is the fifth anniversary edition of the report, but also my first as the Executive Director of Europol. The IOCTA has been and continues to be a flagship strategic product for Europol. It provides a unique law enforcement ...

  • The White Company: Inside the Operation Shaheen Espionage Campaign

    November 12, 2018

    In a new collection of extensive research reports, the Cylance Threat Intelligence Team profiles a new, likely state-sponsored threat actor called The White Company – in acknowledgement of the many elaborate measures they take to whitewash all signs of their activity and evade attribution. The report details one of the group’s recent campaigns, a year-long espionage ...

  • Emotet Campaign Ramps Up with Mass Email Harvesting Module

    November 12, 2018

    The new variant can exfiltrate emails for a period going back 180 days, en masse. A large-scale spam campaign has launched, spreading the Emotet banking trojan. Worryingly, the offensive has launched about a week after a fresh module for mass email-harvesting was detected for the malware. Emotet is technically a banking trojan, but it’s most often used ...

  • Cisco Accidentally Released Dirty Cow Exploit Code in Software

    November 8, 2018

    Cisco revealed that it had “inadvertently” shipped an in-house exploit code that was used in test scripts as part of  its TelePresence Video Communication Server and Expressway Series software. Cisco Systems revealed in a security bulletin Wednesday that it “inadvertently” shipped in-house exploit code that was used in security tests of scripts as part of its ...

  • US Cyber Command starts uploading foreign APT malware to VirusTotal

    November 8, 2018

    On Monday, the Cyber National Mission Force (CNMF), a subordinate unit of US Cyber Command (USCYBERCOM), set in motion a new initiative through which the DOD would share malware samples it discovered on its networks with the broader cybersecurity community. The CNMF kicked off this new project by creating an account on VirusTotal, an online file scanning service that ...

  • IoT security: Why it will get worse before it gets better

    November 7, 2018

    There are billions of connected devices in use around the world, in our homes, our offices, even inside our bodies as medical devices are connected to an ever-growing internet of things (IoT). Vendors rush to add to the range of devices available, with many looking to gain a hold in the market as quickly as possible, delivering ...

  • Rapidly Growing Router Botnet Takes Advantage of 5-Year-Old Flaw

    November 7, 2018

    A sophisticated proxy code has infected hundreds of thousands of devices already. A fresh botnet is spreading across the landscape, targeting router equipment. So far, hundreds of thousands of bot endpoints have already been identified, and they’re apparently being marshaled to send out massive amounts of spam. The botnet first emerged in September, according to 360Netlab telemetry, ...

  • Healthcare Targeted by 37 Percent of All Ransomware Attacks in Q3 2018

    November 7, 2018

    During the third quarter of 2018 ransomware attacks were at an all-time high and the ransoms asked from organizations to decrypt the locked files were also on the rise according to a report from Beazley Breach Response (BBR) Services. According to their analysis, the number of ransomware attacks more than doubled during September when compared to ...