Discovering a blind eye to vulnerabilities
Last week, I was horrified to discover a problem with my vulnerability scanner. The product I use relies on a user account to connect to our Microsoft Windows servers and workstations to check them for vulnerable versions of software, and that user account had never been configured properly. As a result, the scanner has been […]
One-Man PoS Malware Operation Captures 22,000 Credit Card Details in Brazil
We have been able to identify a new point-of-sale (PoS) malware family that has affected more than 100 victim organizations in Brazil. We have dubbed this new malware family as “FighterPOS”. (This name is derived from BRFighter, the tool used by the author to create this new threat.) This one-man operation has been able to steal more […]
In a mock cyberattack, Deloitte teaches the whole business how to respond
A security breach or big data loss can trigger an emergency for the entire business, not just for the IT or security teams, so staffers from multiple departments must know how to react quickly and effectively in such situations. This was one of the main lessons taught in a cyber incident war-gaming exercise held for […]
Welcome to the Internet of Things. Please check your privacy at the door.
It knows when you are sleeping and when you are awake. It knows when you’re home and when you’re away. It knows how fast you drive, how many steps you took yesterday, and how hard your heart is working right now. It’s the Internet of Things (IoT), and it is terrible at keeping secrets. […]
New ARM-powered chip aims for battery life measured in decades
The number of things getting plugged into the “Internet of Things” has already reached the point of satire. But there’s a new, extremely low power technology that’s being prepared for market that could put computing power and network access into a whole new class of sensors, wearables, and practically disposable devices. That’s because it can […]
Fake Judicial Spam Leads to Backdoor with Fake Certificate Authority
Recently, we’ve come across an interesting spam campaign aimed at French users. The campaign itself uses a well-crafted lure that is likely to catch the attention of its would-be victims. In addition, the malware used – the GootKit backdoor – contains several unusual technical characteristics. Both of these highlight how this campaign was quite well thought-out […]
Apple’s new MacBook employs unorthodox keyboard design to achieve maximum thinness
To pursue its continuing obsession with thinness, Apple has gone to extraordinary lengths with the keyboard on the new 12-inch MacBook, redesigning it in a way that is thoroughly distinct from its MacBook Air and MacBook Pro stablemates. According to Apple, the new MacBook’s key assembly is about 40 percent thinner than previous designs […]
CanSecWest 2015: everything is hackable
Last week, we had the privilege to participate in and present at the 15th edition of CanSecWest in beautiful Vancouver, BC, along with its famous accompaniment, the ever famous Pwn2Own competition. Yes, once again all major browsers were hacked, but they were not alone! BIOS and UEFI, 4G modems, fingerprints, credentials, virtual machines, and operating […]
IBM: Mobile app security stinks
Major weaknesses in mobile application development make enterprise data vulnerable to attack. That was the major conclusion from an IBM/Ponemon study released today which found large companies, including many in the Fortune 500, aren’t properly securing mobile apps they build for customers nor their corporate and BYOD mobile devices. (Read the entire study.) + More […]
Dell’s Linux PC sequel still "just works" – but it adds 4K screen and rough edges
Almost two years ago, we closed out our review of Dell’s first Linux-powered Developer Edition laptop with some words of wisdom from my former uber-sysadmin mentor, a fellow named Rick, with whom I worked at Boeing for many, many years. Rick is now retired and living the life of an itinerant world-traveling SCUBA master, but […]
Yeti still Crouching in the Forest
Last July, we published details on Crouching Yeti (aka Energetic Bear), an advanced threat actor involved in several APT campaigns. A quick summary: Campaign status: Active Discovery: January 2014 Targeted platforms: Windows First known sample: 2010 Number of targets: 2,001-3,000 Top target countries: United States, Spain, Japan, Germany, France, Italy, Turkey, Ireland, Poland, China […]
State Dept. expects email back online later Monday
The U.S. Department of State expects its main unclassified email system to be back in operation later Monday after security upgrades, but wider Internet access could take longer to get back online. The department, which says it fights off “thousands” of hacking attacks each day, took its system offline over the weekend “to ensure the […]
Critical flaw in WordPress SEO plugin hits millions of sites
A security flaw in a popular WordPress plugin has been patched, preventing hackers from potentially taking over an entire blog installation. Yoast, the maker of the popular “wordpress-seo” plugin for the blogging platform, said it has patched a cross-site request forgery flaw that allowed a blind SQL attack. That could’ve allowed a hacker to modify […]
Investigating and Detecting Command and Control Servers
Information about the overall threat landscape can be gathered from many sources. One useful method is by looking at the overall activity of botnet command-and-control (C&C) servers, as used both in targeted attacks and in attacks against the broader Internet user base. We are able to combine various threat intelligence sources, including feedback from the […]
Inside the EquationDrug Espionage Platform
Introduction EquationDrug is one of the main espionage platforms used by the Equation Group, a highly sophisticated threat actor that has been engaged in multiple CNE (computer network exploitation) operations dating back to 2001, and perhaps as early as 1996. (See full report here [PDF]). EquationDrug, which is still in use, dates back to 2003, […]
5 steps to incorporate threat intelligence into your security awareness program
In our recent article, we highlighted that every significant and public attack exploited people to either get an initial foothold in a target organization or as the entire attack vector. These attacks highlight the need for awareness as a top concern of security programs. However the reality is that generic awareness materials are of little […]
More information
- Cyberattack Disrupts Production at Varta Battery Factories
- Facebook tax refund scam earns Arizona woman 6 years in jail
- Mozilla Brings Privacy-Focused Browser to Android
- Microsoft’s Bing follows Google in offering Europeans the ‘right to be forgotten’
- Freelance hacking site vows to clean up dodgy listings
- LeakerLocker Mobile Ransomware Threatens to Expose User Information
- New Features Added to CERT Tapioca Tool
- Xen CVE-2019-17340 Denial of Service Vulnerability
- Security Validation Firm Pentera Raises $150 Million at $1 Billion Valuation
- Various Google Play “Beauty Camera” Apps Sends Users Pornographic Content, Redirects Them to Phishing Websites and Collects Their Pictures