News


  • Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic

    September 3, 2018

    Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks. Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially vulnerable MikroTik routers, more than 7,500 devices have been compromised to enable Socks4 proxy maliciously, allowing attackers to ...

  • APT10 Under Close Scrutiny as Potentially Linked to Chinese Ministry of State Security

    September 3, 2018

    An advanced threat actor has been associated with China’s Ministry of State Security via two individuals and a Chinese firm. Researchers claim that APT10, a likely China-based threat actor, is believed directly connected to the Chinese Ministry of State Security’s (MSS) Tianjin bureau. The allegations come from CrowdStrike which released a report Friday that claims it has found firm ...

  • Forget WannaCry, staff themselves pose a risk to healthcare data

    September 3, 2018

    More than half of all healthcare data breaches reported during 2017 could be traced back to people on the inside of victim organisations, according to an annual study by Verizon. The company’s latest Protected Health Information Data Breach Report (PHIDBR) looked at 1,368 mostly US examples, identifying 782 (57.5 per cent) as having an insider element. A ...

  • Five Eyes governments get even tougher on encryption

    September 2, 2018

    “The governments of the United States, the United Kingdom, Canada, Australia, and New Zealand are committed to personal rights and privacy, and support the role of encryption in protecting those rights,” began a document agreed to last week. Sounds good. But wait. The government ministers who met on Australia’s Gold Coast last week went on to ...

  • Cyber threat against Danish banks ‘very high’: agency

    September 1, 2018

    The cyber threat against Denmark’s financial sector is considered to be very high, according to a report by the Centre for Cyber Security (Center for Cybersikkerhed). The centre, which is a department of military security agency FET (Forsvarets Efterretningstjeneste), assesses cyber threats against Denmark and Danish businesses. “The threat posed to the Danish financial sector by cyber ...

  • Why is Google selling potentially compromised Chinese security keys?

    August 31, 2018

    Google has come under fire for its ties to China recently. The situation has the potential to get a lot worse now that Google is offering a Chinese security product to those who need protection the most. Earlier this month, the tech giant was criticised after reports emerged of its secret project to develop a Google ...

  • Cobalt Group Targets Banks in Eastern Europe with Double-Threat Tactic

    August 30, 2018

    The campaign uses double infection points and two command-and-control servers. The infamous financial cybercrime gang known as Cobalt Group has been spotted actively pushing a fresh campaign that uses a peculiar tactic: Double infection points and two command-and-control (C2) servers. The Cobalt Group, a known financial cybercrime ring since 2016, has been suspected in attacks in dozens ...

  • Attackers Abuse WMIC to Download Malicious Files

    August 30, 2018

    Malware authors use WMIC and a host of other legitimate tools to deliver information-stealing malware, highlighting the continued use of living off the land tactics. We recently observed malware authors using a combination of a tool found on all Windows computers and a usually innocuous file type associated with modifying and rendering XML documents. While these ...

  • Microsoft Windows zero-day vulnerability disclosed through Twitter

    August 28, 2018

    Microsoft has quickly reacted to the disclosure of a previously unknown zero-day vulnerability in the Windows operating system. On Monday, Twitter user SandboxEscaper revealed the existence of the bug on the microblogging platform. As reported by the Register, the user said: “Here is the alpc bug as 0day. I don’t f**king care about life anymore. Neither do I ...

  • How hackers managed to steal $13.5 million in Cosmos bank heist

    August 27, 2018

    Earlier this month, reports surfaced which suggested that Cosmos Bank, India’s oldest at 112 years old, had become the victim of a cyberattack which left the institution millions out of pocket. The attack reportedly took place in two stages between August 10 – 13. According to the Hindustan Times, malware was used on the bank’s ATM server ...

  • Side-Channel Attack Allows Remote Listener to ‘Hear’ On-Screen Images

    August 27, 2018

    A stealthy side-channel tactic for digital surveillance has been uncovered, which allows an attacker to “hear” on-screen images. According to a team of academic researchers from Columbia University, the University of Michigan, University of Pennsylvania and Tel Aviv University, inaudible acoustic noises emanating from within computer screens can be used to detect the content displayed on ...

  • Smartphones From 11 OEMs Vulnerable to Attacks via Hidden AT Commands

    August 25, 2018

    Millions of mobile devices from eleven smartphone vendors are vulnerable to attacks carried out using AT commands, a team of security researchers has discovered. AT (ATtention) commands, or the Hayes command set, is a collection of short-string commands developed in the early 1980s that were designed to be transmitted via phone lines and control modems. Different AT ...

  • Spyware firm SpyFone leaves customer data, recordings exposed online

    August 24, 2018

    Spyware is morally dubious software, and yet, business is booming. This particular form of malware comes in various forms including keyloggers, modular software capable of taking screenshots, malicious code able to view and steal content such as photos and videos, as well as recorders of text messages, phone calls, and browser histories. It is not just government entities or ...

  • macOS users targeted by new Lazarus attack

    August 23, 2018

    If you’re into cryptocurrency trading, you might want to pay attention, because a new malware is making rounds that’s stealing people’s money from crypto exchanges. And no, macOS is not safe either, there’s a version for Apple’s operating system, as well. Kaspersky Lab’s researchers from the Global Research and Analysis Team (GReAT) announced they discovered malware dubbed AppleJeus. In ...

  • Apple Forces Facebook VPN App Out of iOS Store for Stealing Users’ Data

    August 23, 2018

    Facebook yesterday removed its mobile VPN app called Onavo Protect from the iOS App Store after Apple declared the app violated the iPhone maker’s App Store guidelines on data collection. For those who are unaware, Onavo Protect is a Facebook-owned Virtual Private Network (VPN) app that was primarily designed to help users keep tabs on their ...

  • AdvisorsBot Downloader Emerges in Raft of Malware Campaigns

    August 23, 2018

    A tricky downloader has hit the scene in a series of campaigns targeting restaurants, hotels and telecommunications companies. A new downloader was disclosed today, sporting significant anti-analysis features and increasingly sophisticated distribution techniques. Researchers at Proofpoint have been tracking the downloader as a first-stage payload in campaigns since May 2018. Dubbed AdvisorsBot (due to early command-and-control domains, ...

  • T-Mobile Hacked — 2 Million Customers’ Personal Data Stolen

    August 23, 2018

    T-Mobile today confirmed that the telecom giant suffered a security breach on its US servers on August 20 that may have resulted in the leak of “some” personal information of up to 2 million T-Mobile customers. The leaked information includes customers’ name, billing zip code, phone number, email address, account number, and account type (prepaid or postpaid). However, the ...

  • DNC: Highly Publicized ‘Phishing Attempt’ Was Only a Security Test

    August 23, 2018

    An unnamed Democratic source told CNN Wednesday that the DNC was alerted to the presence of a spoofed log-in page designed to mimic VoteBuilder – a platform used by Democratic Party officials and campaigns across the country to manage the Democratic registered voter database. The alarm was raised by security researchers at Lookout and a cloud provider, the source ...

  • Superdrug hack: Data thieves claim to have information on 20,000 customers

    August 22, 2018

    Superdrug has been targeted by hackers claiming they had access to tens of thousands of customers’ personal details including dates of birth and phone numbers. The high street chain said it had been contacted by someone who claimed that they had obtained the details of approximately 20,000 customers. The company confirmed that 386 of the accounts had been compromised and said ...

  • Legacy System Exposes Contact Info of BlackHat 2018 Attendees

    August 22, 2018

    Full contact information of everyone attending the BlackHat security conference this year has been exposed in clear text, a researcher has found. The data trove includes name, email, company, and phone number. The BlackHat 2018 conference badge came embedded with a near-field communication (NFC) tag that stored the contact details of the participant, for identification or for ...