Inception Group Uses POWERSHOWER Backdoor in Two-Stage Spear Phishing Attacks

The Inception threat group has been observed exploiting the CVE-2017-11882 Microsoft Office memory corruption vulnerability and a PowerShell-based backdoor dubbed POWERSHOWER in their most recent multi-stage attack campaign during October 2018. Inception was seen in action since at least 2014, Read More …

New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with Read More …

Eurostar Resets All Customer Passwords After ‘Attempted’ Hack

The incident, which took place in mid-October, follows major breaches at several airlines — but this time around no payment details were affected Eurostar has reset all customers’ online passwords after detecting an “attempted” hack, the rail company confirmed. The Read More …

Microsoft regularly shared data of India bank customers with US intelligence agencies, claims report

Technology company Microsoft has routinely shared the financial details of Indian bank customers with intelligence agencies in the United States, DNA reported on Tuesday. According to the newspaper, the Reserve Bank of India flagged its concerns on the matter in a risk Read More …

Researchers find Stuxnet, Mirai, WannaCry lurking in industrial USB drives

Removal storage and USB thumb drives are a serious security incident waiting to happen, new research suggests. When we consider threats to our industrial systems, specifically crafted malware, such as the Industroyer strain which cut off the power to the city Read More …

Australian defence contractor Austal hit by data breach

Australian prime defence contractor and shipbuilder Austal informed [PDF] the Australian Securities Exchange (ASX) of a data breach after the market closed on Thursday evening. The company said it alerted “stakeholders” who were potentially hit by the breach, but said no information Read More …

Two Zero-Day Bugs Open Millions of Wireless Access Points to Attack

Two zero-day vulnerabilities in Bluetooth Low-Energy chips made by Texas Instruments (and used in millions of wireless access points) open corporate networks to crippling stealth attacks. Adversaries can exploit the bugs by simply being approximately 100 to 300 feet from Read More …