News


  • Your Word is Your Bond: Trust and Ethics in Underground Forums

    January 7, 2019

    Although the general public thinks of underground forums as a place where scams and suspicious dealings are rampant, the opposite is usually true: the threat actors who inhabit these sites often consider their reputation a major asset. Many of the individuals and groups in underground forums go to great lengths to ensure that transactions go through ...

  • NSA to release a free reverse engineering tool

    January 6, 2019

    The US National Security Agency will release a free reverse engineering tool at the upcoming RSA security conference that will be held at the start of March, in San Francisco. The software’s name is GHIDRA and in technical terms, is a disassembler, a piece of software that breaks down executable files into assembly code that can ...

  • Angela Merkel’s personal details leaked on Twitter

    January 4, 2019

    An unknown hacker has released confidential data linked to the German Chancellor Angela Merkel and hundreds of the country’s other politicians. The stolen details were released on Twitter over the past few weeks in a sort of Advent Calendar and included bills and credit card information, phone numbers, email addresses, photo identification and personal chat histories. The Twitter ...

  • Tech trends 2019: ‘The end of truth as we know it?’

    January 4, 2019

    More than 200 firms contributed to our request for ideas on what the global tech trends will be in 2019. Here’s a synthesis of the main themes occupying the minds of the technorati this year. You may be surprised. This year it’s all about data – a small, rather dull word for something that is profoundly ...

  • Spyware Disguises as Android Applications on Google Play

    January 3, 2019

    Trend Micro discovered a spyware (detected as ANDROIDOS_MOBSTSPY) which disguised itself as legitimate Android applications to gather information from users. The applications were available for download on Google Play in 2018, with some recorded to have already been downloaded over 100,000 times by users from all over the world. One of the applications we initially investigated ...

  • A Dozen Flaws in Popular Mac Clean-Up Software Allow Local Root Access

    January 3, 2019

    A passel of privilege-escalation vulnerabilities in MacPaw’s CleanMyMac X software would allow a local attacker to gain root access to an Apple machine in various ways. CleanMyMac X is a cleanup application for MacOS that optimizes the drives and frees up space by scanning for unused, redundant or unnecessary files and deleting them. No fewer than ...

  • Adobe Issues Emergency Patches for Two Critical Flaws in Acrobat and Reader

    January 3, 2019

    Adobe has issued an out-of-band security update to patch two critical vulnerabilities in the company’s Acrobat and Reader for both the Windows and macOS operating systems. Though the San Jose, California-based software company did not give details about the vulnerabilities, it did classify the security flaws as critical since they allow privilege escalation and arbitrary code execution in ...

  • Phishing template uses fake fonts to decode content and evade detection

    January 3, 2019

    Proofpoint researchers recently observed a phishing kit with peculiar encoding utilized in a credential harvesting scheme impersonating a major retail bank. While encoded source code and various obfuscation mechanisms have been well documented in phishing kits, this technique appears to be unique for the time being in its use of web fonts to implement the encoding. When the ...

  • Newsmaker Interview: Bruce Schneier on Physical Cyber Threats

    January 2, 2019

    Bruce Schneier discusses the clash between critical infrastructure and cyber threats. Attacks on physical devices and infrastructure offer a new target for cyber crime, a new opportunity for espionage and even a few front in cyber war. Rather than exploit computers and their applications, the Internet of Things allows malicious actors to go after a whole new ...

  • Hackers threaten to leak 9/11 litigation documents

    January 2, 2019

    The Dark Overlord claims to have stolen over 18,000 documents relating to the September 11 attacks on the World Trade Centre A group of hackers have threatened to release a large cache of stolen 9/11 litigation documents, in what it claims is one of the biggest leaks in history. The organisation, which is known as the Dark ...

  • Cyber-attack disrupts printing of major US newspapers

    December 30, 2018

    A cyber-attack has caused printing and delivery disruptions to major US newspapers, including the Los Angeles Times, the Chicago Tribune and the Baltimore Sun. The attack on Saturday appeared to originate outside the United States, the Los Angeles Times reported. It led to distribution delays in the Saturday edition of the Times, the Tribune, the Sun and other ...

  • EU to fund bug bounty programs for 14 open source projects starting January 2019

    December 29, 2018

    The European Union will foot the bill for bug bounty programs for 14 open source projects, EU Member of Parliament Julia Reda announced this week. The 14 projects are, in alphabetical order, 7-zip, Apache Kafka, Apache Tomcat, Digital Signature Services (DSS), Drupal, Filezilla, FLUX TL, the GNU C Library (glibc), KeePass, midPoint, Notepad++, PuTTY, the Symfony ...

  • First-Ever UEFI Rootkit Tied to Sednit APT

    December 28, 2018

    Researchers hunting cyber-espionage group Sednit (an APT also known as Sofacy, Fancy Bear and APT28) say they have discovered the first-ever instance of a rootkit targeting the Windows Unified Extensible Firmware Interface (UEFI) in successful attacks. The discussion of Sednit was part of the 35C3 conference, and a session given by Frédéric Vachon, a malware researcher at ESET who published a technical ...

  • Hijacking Online Accounts Via Hacked Voicemail Systems

    December 28, 2018

    Proof-of-concept hack of a voicemail systems shows how it can lead to account takeovers multiple online services. Voicemail systems are vulnerable to compromise via brute-force attacks against the four-digit personal identification numbers (PINs) that protect them. Researchers say a malicious user can thus access the voicemail system to then take over online accounts for services like ...

  • Stolen UK identities selling for as little as £10 on the dark web

    December 26, 2018

    Stolen personal data of UK citizens is selling for as little as £10 on the dark web, offering hackers all the information needed to carry out online fraud and identity theft, The Independent has discovered. So-called fullz – hacker slang meaning a “full ID” package – of UK citizens are being listed on several popular online black markets. A full ID ...

  • Five other countries formally accuse China of APT10 hacking spree

    December 21, 2018

    After the US Department of Justice charged two Chinese nationals for being members of a state-sponsored hacking group and accused the Chinese government of orchestrating a string of hacks around the world, five other governments have stepped in with similar accusations. Australia, Canada, Japan, New Zealand, and the UK have published official statements today formally blaming China of ...

  • U.S. Indicts China-Backed Duo for Massive, Years-Long Spy Campaign

    December 20, 2018

    The homeland security implications are significant: the two, working with Beijing-backed APT10, allegedly stole sensitive data from orgs like the Navy and NASA. The Department of Justice on Thursday charged two Chinese hackers with stealing “hundreds of gigabytes” of data from more than 45 other governmental organizations and U.S.-based companies. This has potentially significant national security ramifications: ...

  • NASA discloses data breach

    December 19, 2018

    The US National Aeronautics and Space Administration (NASA) admitted today to getting hacked earlier this year. In an internal memo sent to all employees, the agency said that an unknown intruder gained access to one of its servers storing the personal data of current and former employees. Social Security numbers were also compromised, NASA said. The agency ...

  • URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader

    December 18, 2018

    As ransomware and banking trojans captured the interest – and profits – of the world with their destructive routines, cybersecurity practitioners have repeatedly published online and offline how cybercriminals have compartmentalized their schemes through exchange of information and banded professional organizations. As a more concrete proof of the way these symbiotic relationships and work flows intersect, we discovered a connection between EMOTET, URSNIF, DRIDEX and BitPaymer from open source information and ...

  • Russia-Linked Sofacy Debuts Fresh Zebrocy Malware Variant

    December 18, 2018

    The group continues to evolve its custom malware in an effort to evade detection. The Zebrocy trojan – a custom downloader malware used by Russia-linked APT Sofacy (a.k.a. APT28, Fancy Bear or Sednit) – has a new variant. While it’s functionally much the same as its other versions, the new code was written using the Go ...