xHunt Campaign: Attacks on Kuwait Shipping and Transportation Organizations

The first known attack in this campaign targeted a Kuwait transportation and shipping company in which the actors installed a backdoor tool named Hisoka. Several custom tools were later downloaded to the system in order to carry out post-exploitation activities. Read More …

Modern cyber security bears great resemblance to the Titanic disaster, says Stena CISO

Magnus Carling, CISO of worldwide conglomerate Stena AB, likened modern cyber security practices to the oversights which led to the Titanic disaster in 1912. Speaking at Cloudsec 2019, Carling told attendees “the iceberg was innocent. It wasn’t the iceberg that Read More …

Astaroth Spy Trojan Uses Facebook, YouTube Profiles to Cover Tracks

Facebook and YouTube profiles are at the heart of an ongoing phishing campaign spreading the Astaroth trojan, bent on the eventual exfiltration of sensitive information. The attack is sophisticated in that it uses normally trusted sources as cover for malicious Read More …

Hacking LED Wristbands: A ‘Lightning’ Recap of RF Security Basics

Early this year, we published a security analysis of industrial radio remote controllers. In that research, we examined different vulnerabilities in the implementation of radio frequency (RF) communication and the possible impact of an attack on these weaknesses. We believe that RF Read More …

‘USBAnywhere’ Bugs Open Supermicro Servers to Remote Attackers

Trivial-to-exploit authentication flaws can give an unsophisticated remote attacker ‘omnipotent’ control over a server and its contents. Authentication vulnerabilities in the baseboard management controllers (BMCs) of Supermicro X9-X11 servers have been discovered that allow a remote attacker to easily connect Read More …

WannaCry-style cyber attack could trigger full NATO response, says Secretary General

NATO Secretary General Jens Stoltenberg has said a cyber attack on a single member state could constitute an attack on all 29 members. The announcement effectively incorporates cyber security into Article 5 of the NATO founding treaty, a “collective defence Read More …