News


  • Dell announces security breach

    November 28, 2018

    US-based hardware giant Dell announced today a security breach that took place earlier this month, on November 9. Dell says it detected an unauthorized intruder (or intruders) “attempting to extract Dell.com customer information” from its systems, such as customer names, email addresses, and hashed passwords. The company didn’t go into details about the complexity of the ...

  • Pegasus Spyware Targets Investigative Journalists in Mexico

    November 27, 2018

    Colleagues of slain Javier Valdez Cárdenas, known for investigating drug cartels, were targeted just days after his death. The notorious state actor mobile spyware known as Pegasus has resurfaced, targeting the colleagues of a slain Mexican journalist who lived – and died – investigating drug cartels. Journalist Javier Valdez Cárdenas, founder of Río Doce, a Mexican newspaper ...

  • GreyEnergy APT Delivers Malware via Phishing Attacks and Multi-Stage Dropper

    November 27, 2018

    The highly complex backdoor malware payload designed by the GreyEnergy advanced persistent threat (APT) group is being dropped on targeted machines using the common phishing infection vector as detailed by Nozomi Networks’ Alessandro Di Pinto. GreyEnergy attacked and infiltrated the networks of multiple critical infrastructure targets from Eastern Europe, from Poland and Ukraine, with other objectives ...

  • Backdoor in Popular JavaScript Library Set to Steal Cryptocurrency

    November 27, 2018

    A JavaScript library that scores over two million downloads every week has been injected with malicious code for stealing coins from a cryptocurrency wallet. The affected package is Event-Stream, built to simplify working with Node.js streaming modules and it is available through the npmjs.com repository. Although the malicious code was discovered last week, researchers were able to determine ...

  • Threat Actor Uses DNS Redirects, DNSpionage RAT to Attack Government Targets

    November 27, 2018

    Cisco Talos discovered a new malware campaign targeting a commercial Lebanese airline company, as well as United Arab Emirates (UAE) and Lebanon government domains. According to Cisco Talos’ findings, the recently observed campaign could not be connected to other threat actors or attacks based on the used infrastructure and its Tactics, Techniques, and Procedures (TTP). The actor ...

  • Mobile Rotexy Malware Touts Ransomware, Banking Trojan Functions

    November 26, 2018

    A mobile malware has accelerated its activity in 2018, launching more than 70k attacks in August through October. Mobile malware, dubbed Rotexy, has evolved from being spyware to now a dangerous banking trojan packing a host of new clever features. Researchers report 70,000 attacks between August and October with targets primarily based in Russia. In a technical brief released ...

  • Germany proposes router security guidelines

    November 26, 2018

    The German government published at the start of the month an initial draft for rules on securing Small Office and Home Office (SOHO) routers. Published by the German Federal Office for Information Security (BSI), the rules have been put together with input from router vendors, German telecoms, and the German hardware community. Once approved, router manufacturers don’t ...

  • Good cyber security starts with boards that ask questions

    November 25, 2018

    Not a day seems to go by when there isn’t a story in the media about a data breach, commercial espionage or a cyber intrusion where there is ‘no evidence that any data was stolen’. The narrative that companies didn’t know about a breach or were somehow victims is all too common. There is also a ...

  • Ukrainian police arrest hacker who infected over 2,000 users with DarkComet RAT

    November 23, 2018

    Ukrainian police have arrested a 42-old-man on charges of infecting over 2,000 users across 50 countries with the DarkComet remote access trojan (RAT). The man was arrested this week after police executed a search warrant at his residence in the city of Lviv, in Western Ukraine. In a press release published today, Ukrainian police said they found ...

  • Old Printer Vulnerabilities Die Hard

    November 23, 2018

    New research on an old problem reveals despite efforts, the InfoSec professionals still have a way to go when it comes to securing printers. Despite copious warnings and efforts by the security community to harden the defenses of printers, they continue to represent a ripe target for attackers. Just this past summer researchers at Check Point found ...

  • Rowhammer attacks can now bypass ECC memory protections

    November 22, 2018

    Academics from the Vrije University in Amsterdam, Holland, have published a research paper today describing a new variation of the Rowhammer attack. For readers unfamiliar with the term, Rowhammer is the name of a class of exploits that takes advantage of a hardware design flaw in modern memory cards. By default, a memory card stores temporary data ...

  • 500K Italian Public Administration Email Accounts Compromised By Targeted Attack

    November 21, 2018

    500,000 certified Italian public administration emails were compromised by hackers who specifically targeted the Italian Comitato Interministeriale per la Sicurezza della Repubblica (CISR) as reported by Difesa e Sicurezza. Although CISR was the primary target, the hackers also compromised certified emails related to other Italian public administration agencies according to Roberto Baldoni, the Deputy Director of the ...

  • Google Taking Over Health Records Raises Patient Privacy Fears

    November 21, 2018

    Three years ago, artificial intelligence company DeepMind embarked on a landmark effort to transform health care in the U.K. Now plans by owner Alphabet Inc. to wrap the partnership into its Google search engine business are tripping alarm bells about privacy. Data protection advocates cried foul when the company reversed course on an earlier pledge to keep DeepMind ...

  • Lazarus APT Uses Modular Backdoor to Target Financial Institutions

    November 21, 2018

    The advanced persistent threat group Lazarus with North Korean links has been observed using a modular backdoor during last week to compromise a series of Latin American financial institutions by Trend Micro’s Lenart Bermejo and Joelson Soares. As unearthed by the Trend Micro research team, the APT38 threat group successfully compromised a number of computing systems ...

  • L0rdix becomes the new Swiss Army knife of Windows hacking

    November 21, 2018

    A new hacking tool making the rounds in underground forums has been deemed the latest “go-to” universal offering for attackers targeting Microsoft Windows PCs. The software is called L0rdix and according to cybersecurity researchers from enSilo is “aimed at infecting Windows-based machines, combines stealing and cryptocurrency mining methods, can avoid malware analysis tools.” In a blog ...

  • Amazon suffers data breach days before Black Friday

    November 21, 2018

    Amazon has suffered a data breach just days before Black Friday – and the company was tight-lipped about whether it had notified the British data protection authorities. Multiple Register readers forwarded us emails sent from Amazon’s UK tentacle informing them that the online sales site had “inadvertently disclosed name and email address due to a technical error”. The ...

  • Major Flaws Found in IT Pentagon Processes After First Ever Financial Audit

    November 21, 2018

    The conclusions drawn following the first U.S. Defense Department-wide financial audit are not surprising to anyone given that the Pentagon failed the audit just as expected. “We never thought we were going to pass an audit, right? Everyone was betting against us, that we wouldn’t even do the audit,” told Patrick Shanahan the Deputy Secretary of ...

  • USPS Site Exposed Data on 60 Million Users

    November 21, 2018

    U.S. Postal Service just fixed a security weakness that allowed anyone who has an account at usps.com to view account details for some 60 million other users, and in some cases to modify account details on their behalf. KrebsOnSecurity was contacted last week by a researcher who discovered the problem, but who asked to remain anonymous. The researcher said ...

  • APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign

    November 20, 2018

    The group is best-known for hacking the DNC ahead of the 2016 presidential election. A phishing campaign bent on espionage, believed to be launched by the nation-state threat group known as APT29, is targeting high-value targets across the think-tank, law enforcement, media, U.S. military, imagery, transportation, pharmaceutical, national government and defense contracting sectors. It’s the first large-scale ...

  • Emotet Returns with Thanksgiving Theme and Better Phishing Tricks

    November 20, 2018

    After a short break, Emotet malware has been observed concealed in documents delivered through emails that pretended to be from financial institutions or disguised as Thanksgiving-themed greetings for employees. In early October, Emotet activity dropped off the radar, only to come back towards the end of the month with a new plugin that exfiltrates email subjects and 16KB ...