News


  • Apple, Amazon Strongly Refute Server Infiltration Report

    October 4, 2018

    An explosive Bloomberg report, if true, would highlight the largest supply chain attack to have been launched against American corporations. Apple and Amazon are strongly refuting a report claiming that Chinese spies infiltrated third-party motherboards used on servers by U.S. companies. If true, the incident would be the largest supply chain attack to have been launched ...

  • UK pins ‘reckless campaign of cyber attacks’ on Russian military intelligence

    October 4, 2018

    The UK government this morning pointed the finger at Russian military intelligence for a litany of cyber nasties. In the bulletin, the UK government’s National Cyber Security Centre (NCSC) declared that a range of attacks blamed on the Kremlin are actually the work of Russian military intelligence, GRU. This comes in the wake of long-standing concerns that Russia ...

  • Bug bounty scheme uncovers 150 vulnerabilities in US Marine Corps websites

    October 4, 2018

    Nearly 150 security vulnerabilities have been discovered in US Marine Corps websites and related services during a bug bounty challenge that saw ethical hackers awarded over $150,000. Hack The Marine Corps is the sixth public bounty program by the US Department of Defense (DoD) and bug bounty platform HackerOne. More than 100 ethical hackers took part ...

  • Fallout Exploit Kit Now Installing the Kraken Cryptor Ransomware

    October 4, 2018

    The Fallout Exploit has been distributing the GandCrab Ransomware for the past few weeks, but has now switched its payload to the Kraken Cryptor Ransomware. Kraken Cryptor is a Ransomware as a Service (RaaS) that is actively being distributed by affiliates. As this is an affiliate system, we are seeing different bad actors distributing the ransomware using a variety ...

  • US to offer cyberwar capabilities to NATO allies

    October 4, 2018

    Acting to counter Russia’s aggressive use of cyberattacks across Europe and around the world, the U.S. is expected to announce that, if asked, it will use its formidable cyberwarfare capabilities on NATO’s behalf, according to a senior U.S. official. The announcement is expected in the coming days as U.S. Defense Secretary Jim Mattis attends a meeting of NATO defense ministers ...

  • Turla APT Changes Shape with New Code and Targets

    October 4, 2018

    The Turla APT group’s extensive activities have diversified this year, representing a mix of old code, new code and fresh targets. Perhaps most interesting, this sophisticated group is branching into using scripts and open-source code in its malware development – a marked departure for an APT best-known for deploying a complex rootkit called Snake, traditionally focused on ...

  • Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash

    October 3, 2018

    The US-CERT has released a joint technical alert from the DHS, the FBI, and Treasury warning about a new ATM scheme being used by the prolific North Korean APT hacking group known as Hidden Cobra. Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by the North Korean government and ...

  • Artificial Intelligence: A Cybersecurity Tool for Good, and Sometimes Bad

    October 3, 2018

    Attractive to both white-hats and cybercriminals, AI’s role in security has yet to find an equilibrium between the two sides. Artificial intelligence is the new golden ring for cybersecurity developers, thanks to its potential to not just automate functions at scale but also to make contextual decisions based on what it learns over time. This can ...

  • French police officer caught selling confidential police data on the dark web

    October 3, 2018

    A French police officer has been charged and arrested last week for selling confidential data on the dark web in exchange for Bitcoin. The officer worked for Direction Générale de la Sécurité Intérieure (DGSI, translated to General Directorate for Internal Security), a French intelligence agency charged with counter-espionage, counter-terrorism, countering cybercrime and surveillance of potentially threatening ...

  • Industry backs Norway’s AI powerhouse project

    October 2, 2018

    Norway is stepping up its efforts in the rapidly evolving and increasingly commercial artificial intelligence (AI) sector. Participants in the latest programme want to reduce the country’s reliance on oil revenues by tapping into AI opportunities in its growing technology sector. Norway has traditionally played a junior role in the context of Nordic technology development, investment and ...

  • Use Windows, macOS? Don’t be hacked by PDF, patch these critical Adobe flaws now

    October 2, 2018

    Adobe’s scheduled October update for its Acrobat and Reader PDF software addresses 85 vulnerabilities, including dozens of critical flaws that allow arbitrary code execution. The patches also address multiple privilege-escalation and information-disclosure flaws, shoring up Adobe’s PDF software further following a patch for a critical Acrobat and Reader flaw plugged two weeks ago. The bugs affect Acrobat DC ...

  • Keyloggers Turn to Zoho Office Suite in Droves for Data Exfiltration

    October 2, 2018

    An extremely high number of keylogger phishing campaigns have been seen tied to the Zoho online office suite software; in an analysis, a full 40 percent spotted in the last month used a zoho.com or zoho.eu email address to exfiltrate data from victim machines. A Cofense analysis, published Tuesday, of popular keylogging malware – which records ...

  • World Cup may have distracted malware hackers

    October 2, 2018

    This holiday season, together with the 2018 World Cup that took place in Russia, may have lulled hackers, cyber security researchers are claiming. New research from Cofense says that the distribution of TrickBot saw a significant drop during the World Cup. TrickBot is a banking malware known by constantly being updated and transformed. From April, up until ...

  • Microsoft Detection Tools Sniff Out Fileless Malware

    October 2, 2018

    Microsoft recently reported that their advanced threat protection tools were able to detect and block two heavily obfuscated and malicious scripts. The threats were apparently using the Sharpshooter technique, which was documented and published in a 2017 blog post from a British security firm. A report from the company details the elusive payload—it did not trigger antivirus scanning, was loaded ...

  • Security & Counter Terror Expo 2019 – The UK’s Leading National Security Event, 5-6 March 2019, Olympia, London

    October 2, 2018

    Security & Counter Terror Expo is a world-class showcase of the capabilities, strategies and intelligence to keep nations, infrastructure, business and people safe. Stepping into a New Decade After celebrating its 10-year anniversary, Security & Counter Terror Expo is launching a brand new decade with its 2019 edition. The goal of the 2019 campaign is to see a ...

  • GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers

    October 1, 2018

    Chinese cybersecurity researchers have uncovered a widespread, ongoing malware campaign that has already hijacked over 100,000 home routers and modified their DNS settings to hack users with malicious web pages—especially if they visit banking sites—and steal their login credentials. Dubbed GhostDNS, the campaign has many similarities with the infamous DNSChanger malware that works by changing DNS server settings ...

  • Report Ties North Korean Attacks to New Malware, Linked by Word Macros

    October 1, 2018

    Newly discovered malware from the world of cyberespionage connects the dots between the tools and operations of the little-known Reaper group believed to act on behalf of the North Korean government. The latest findings indicate that the remote access Trojans (RAT) in the KONNI and DOGCALL families are the work of the same operator, tasked with ...

  • This is how cyber attackers stole £2.26m from Tesco Bank customers

    October 1, 2018

    The inner workings of a cyber attack against Tesco Bank which saw £2.26m stolen from 9,000 customers — and resulted in the bank being fined over £16.4m for the failings that allowed it to happen — have been revealed. The Financial Conduct Authority (FCA) has hit the bank with a £16.4m fine and said Tesco Bank failed to ...

  • An insider view of a cybersecurity training workshop for employees of Europe’s transmission system operators.

    October 1, 2018

    After the hackers had stealthily accessed the SCADA system and blew the transformer with a loud bang, the defenceless employees had no option but to remove the control plugs and manually turn the machine back on. “That’s what they had to do in Ukraine,” said Michael John, Director of Operations at the European Network for Cybersecurity (ENCS), referring to the world’s ...

  • Boffin: Dump hardware number generators for encryption and instead look within

    October 1, 2018

    Hardware-based random number generators (HWRNGs) for encryption could be superseded after a Philippines-based researcher found that side-channel measurement of the timing of CPU operations provide enough entropy to seed crypto systems with the necessary randomness. In a paper presented on Saturday at the International Conference on Innovative Research in Science, Technology and Management (ICIRSTM) in Singapore, JV Roig, ...