Russia’s Elite Hackers May Have New Phishing Tricks

A major question hanging over the United States midterm election season: Where was Russia? But while GRU hackersdidn’t directly interfere, they appear to be as active as ever. New research from two threat intelligence firms indicates that two prominent Russia-linked groups have been developing some Read More …

Cybersecurity Researchers Spotted First-Ever UEFI Rootkit in the Wild

Cybersecurity researchers at ESET have unveiled what they claim to be the first-ever UEFI rootkit being used in the wild, allowing hackers to implant persistent malware on the targeted computers that could survive a complete hard-drive wipe. Dubbed LoJax, the UEFI Read More …

VPNFilter’s Arsenal Expands With Newly Discovered Modules

Seven new modules discovered in VPNFilter further fill in the blanks about how the malware operates and reveals a wider breath of capabilities. Researchers have discovered new modules in VPNFilter – the malware behind the widespread campaign in May that infected 75 Read More …

Russian ‘Fancy Bear’ Hackers Using (Unpatched) Microsoft Office DDE Exploit

Cybercriminals, including state-sponsored hackers, have started actively exploiting a newly discovered Microsoft Office vulnerability that Microsoft does not consider as a security issue and has already denied to patch it. Last month, we reported how hackers could leverage a built-in feature of Read More …

Latest Sofacy Campaign Targeting Security Researchers

Sofacy, the Russian-speaking APT group connected to interference in the 2016 U.S. presidential election, has been targeting researchers, admins and others interested in cybersecurity. Cisco’s security research arm Talos published a report on Sunday describing a campaign linked to Sofacy, also known as Read More …

Hackers race to use Flash exploit before vulnerable systems are patched

Hackers are rushing to exploit a zero-day Flash vulnerability to plant surveillance software before organisations have time to update their systems to patch the weakness. Uncovered by researchers at Kaspersky Lab on Monday, the CVE-2017-11292 Adobe Flash vulnerability allows attackers to deploy a vulnerability Read More …