News


  • Potential Targeted Attack Uses AutoHotkey and Malicious Script Embedded in Excel File to Avoid Detection

    April 17, 2019

    Trend Micro discovered a potential targeted attack that makes use of the legitimate script engine AutoHotkey, in combination with malicious script files. This file is distributed as an email attachment and disguised as a legitimate document with the filename “Military Financing.xlsm.” The user would need to enable macros for it to open fully, which would use ...

  • Source code of Iranian cyber-espionage tools leaked on Telegram

    April 17, 2019

    In an incident reminiscent of the Shadow Brokers leak that exposed the NSA’s hacking tools, someone has now published similar hacking tools belonging to one of Iran’s elite cyber-espionage units, known as APT34, Oilrig, or HelixKitten. The hacking tools are nowhere near as sophisticated as the NSA tools leaked in 2017, but they are dangerous nevertheless. The tools have been ...

  • Pirates of Brazil: Integrating the Strengths of Russian and Chinese Hacking Communities

    April 16, 2019

    Each country’s hackers are unique, with their own codes of conduct, forums, motives and payment methods. Recorded Future’s Portuguese-speaking analysts, with a long-standing background in the Brazilian underground, have analyzed underground markets and forums tailored to the Brazilian Portuguese audience over the past decade and discovered a number of particularities in content hosted on forums, ...

  • APAC consumers have little trust in digital services

    April 16, 2019

    Just 31% of consumers in Asia-Pacific believe their personal information will be managed in a trustworthy way by businesses offering digital services, with only 5% willing to transact with companies that offer cheaper but less trusted digital platforms. The apparent lack of trust in digital companies is understandable, considering almost 40% have had their trust ...

  • Malspam Campaigns Distribute HawkEye Keylogger, Post Ownership Change

    April 16, 2019

    After the HawkEye malware kit underwent an ownership change and new development, researchers are spotting the keylogger used in several malicious email campaigns. The HawkEye malware kit and information-stealer has been spotted in a newfound slew of campaigns after a recent ownership change. While the keylogger has been in continuous development since 2013, in December a thread ...

  • Scranos: New Rapidly Evolving Rootkit-Enabled Spyware Discovered

    April 16, 2019

    A new powerful rootkit-enabled spyware operation has been discovered wherein hackers are distributing multifunctional malware disguised as cracked software or trojanized app posing as legitimate software like video players, drivers and even anti-virus products. While the rootkit malware—dubbed Scranos—which was first discovered late last year, still appears to be a work in progress, it is continuously evolving, ...

  • EU: No evidence of Kaspersky spying despite ‘confirmed malicious’ classification

    April 16, 2019

    In a document published today, the European Commission has revealed that they don’t have any actual evidence of Kaspersky software being used for spying on behalf of the Russian government, as the US government alluded in 2017. The document was the Commission’s reply to a series of questions submitted by Gerolf Annemans, a European Parliament member on behalf ...

  • This malware campaign is targeting the military with phony emails from a defence contractor

    April 16, 2019

    The Ukrainian government and military is being targeted with spear-phishing attacks as part of a cyber-espionage operation based around dropping powerful malware. These phishing attacks have been detailed by researchers at cybersecurity firm FireEye, who identified malicious emails being sent to Ukrainian military departments in January this year. The malware is being sent, presumably, with the aim of monitoring ...

  • Major sponsor signs up for BIDEC 2019 – Bahrain’s only tri-service International Defence Exhibition

    April 16, 2019

    Preparations have begun for BIDEC 2019, one of the region’s key International defence exhibitions with key partners confirming participation. Following the outstanding success of the first Bahrain International Defence Exhibition & Conference (BIDEC) in 2017, keen interest for the next edition scheduled for 28-30 October 2019 has begun to build as major international defence and security ...

  • New zero-day vulnerability CVE-2019-0859 in win32k.sys

    April 15, 2019

    CVE-2019-0859 is a Use-After-Free vulnerability that is present in the CreateWindowEx function. During execution CreateWindowEx sends the message WM_NCCREATE to the window when it’s first created. By using the SetWindowsHookEx function, it is possible to set a custom callback that can handle the WM_NCCREATE message right before calling the window procedure. In win32k.sys all windows are ...

  • A hacker has dumped nearly one billion user records over the past two months

    April 15, 2019

    A hacker who spoke with ZDNet in February about wanting to put up for sale the data of over one billion users is getting dangerously close to his goal after releasing another 65.5 million records last week and reaching a grand total of 932 million records overall. The hacker’s name is Gnosticplayers, and he’s responsible for the hacks ...

  • Outlook.com hack much worse than initially thought

    April 15, 2019

    A hack that Microsoft said affected “some” of its users’ email accounts is much worse than initially thought, according to reports. On Saturday, the company confirmed that some users of its email services had been targeted by hackers. But the issue is thought to be much worse than previously reported as the hackers were able to ...

  • Hackers Compromise Microsoft Support Agent to Access Outlook Email Accounts

    April 13, 2019

    If you have an account with Microsoft Outlook email service, there is a possibility that your account information has been compromised by an unknown hacker or group of hackers, Microsoft confirmed to The Hacker News. Earlier this year, hackers managed to breach Microsoft’s customer support portal and access information related to some email accounts registered with the ...

  • France Wins Cyber Defence Exercise Locked Shields 2019

    April 12, 2019

    The team from France wins the largest and most complex international live-fire cyber defence exercise Locked Shields 2019. The Czech and Swedish teams take second and third place respectively. “The winning team excelled in availability, usability and providing services for the customer,” said Lauri Luht, Head of Cyber Exercises at NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE). “Every ...

  • Security Flaws in WPA3 Protocol Let Attackers Hack WiFi Password

    April 10, 2019

    Breaking — It has been close to just one year since the launch of next-generation Wi-Fi security standard WPA3 and researchers have unveiled several serious vulnerabilities in the wireless security protocol that could allow attackers to recover the password of the Wi-Fi network. WPA, or Wi-Fi Protected Access, is a standard designed to authenticate wireless devices using the Advanced ...

  • UK Government Publishes Social Media Regulation Plans

    April 8, 2019

    White paper calls for an independent regulator that would write a code of conduct covering illegal or dangerous content – and would have the power to impose huge fines. The government has published plans for an independent regulator that would be capable of imposing huge fines on internet firms that propagate dangerous or illegal content. The Online Harms White Paper, ...

  • Dropbox uncovers 264 vulnerabilities in HackerOne Singapore bug hunt

    April 6, 2019

    Dropbox has uncovered 264 vulnerabilities, paying out $319,300 in bounties, after a one-day bug hunt in Singapore that brought together hackers from 10 nations around the world. Hosted by bug bounty platform HackerOne, the live event saw 45 of its members from countries such as Japan, India, Australia, Hong Kong, and Sweden, and some as ...

  • Exodus Spyware Found Targeting Apple iOS Users

    April 5, 2019

    The surveillance tool was signed with legitimate Apple developer certificates. The spyware that was recently found lurking in 25 different malicious apps on Google Play has been ported to the Apple iOS ecosystem. The surveillance package – dubbed Exodus – can exfiltrate contacts, take audio recordings and photos, track location data and more on mobile devices. Earlier ...

  • Backdoor code found in popular Bootstrap-Sass Ruby library

    April 5, 2019

    Backdoor code was found added in a popular Ruby library used for frontend user interfaces inside Ruby and Ruby on Rails applications. The malicious code was removed via a library update. The library affected by this incident is Bootstrap-Sass, a Ruby package that provides developers with a Sass-version of Bootstrap, the most popular UI framework for developers today. The backdoor’s ...

  • FBI criticized for delaying breach notifications, including insufficient details

    April 5, 2019

    The Federal Bureau of Investigation does a poor job at notifying victims of a cyber-attack, a US government report released earlier this week concluded. FBI notifications arrive either too late or contain insufficient information for victims to take action, a report from the Department of Justice’s Office of the Inspector General (DOJ-OIG) has concluded. The report analyzed Cyber Guardian, ...