North Korean Hackers Exploit HWP Docs in Recent Cyber Heists
A series of malicious Hangul Word Processor (HWP) documents used in recent attacks on cryptocurrency exchanges have been attributed to the North Korea-linked Lazarus group, AlienVault reports. read more more…North Korean Hackers Abuse ActiveX in Recent Attacks
An ActiveX zero-day vulnerability discovered recently on the website of a South Korean think tank focused on national security has been abused by the North Korean-linked Lazarus group in attacks, AlienVault reports. read more more…CIA’s “Vault 7” mega-leak was an inside job, claims FBI
The suspect worked for a CIA group that designed hacking tools at the time the cyber-spying arsenal was given to WikiLeaks. more…Ex-CIA Employee Suspected in WikiLeaks ‘Vault7’ Leak
A former employee of the U.S. Central Intelligence Agency (CIA) is believed to have provided WikiLeaks the files made public by the whistleblower organization as part of its ‘Vault 7’ leak, which focuses on hacking tools used by the CIA. read more more…WikiLeaks Details Mac OS X Hacking Tools Used by CIA
The latest round of documents published by WikiLeaks as part of a leak dubbed by the organization “Vault 7” describes several tools allegedly used by the U.S. Central Intelligence Agency (CIA) to target Mac OS X and other POSIX systems. read more more…Suspected CIA spying tools linked to hacks in 16 countries
The suspected CIA spying tools exposed by WikiLeaks have been linked to hacking attempts on at least 40 targets in 16 countries, according to security firm Symantec. The tools share “close similarities” with the tactics from an espionage team called Longhorn, Symantec said in a Monday post. Longhorn has been active since at least 2011, […] more…Intel Security releases MacBook scanner for CIA Vault 7 rootkits
We’re just a few days removed from the WikiLeaks publication, Vault 7, that outlined many of the supposed hacking tools at the disposal of the CIA. It has left tech firms scrambling for fixes and has raised questions over what products and services are most at risk, especially as the dust and sensationalism settles around […] more…The world’s most wanted hacker is basically a nerdy supervillain
On Sunday, the New York Times published a story on Evgeniy M. Bogachev, described as “the most wanted cybercriminal in the world,” full of details about the hacker’s crimes, plots, some incredible tidbits and a photo to end all amazing FBI photos. Bogachev has long been sought after for his hacking schemes, draining millions of […] more…CHIPSEC Support against Vault 7 disclosure scanning
Following recent WikiLeaks Vault 7 disclosures, including details regarding the firmware vulnerabilities, there has been significant concern regarding the integrity of devices and operating systems used within society. In addition, there was reference to a vulnerability related to the Intel Security stinger. First, we can confirm that the stinger tool issue is no longer present […] more…"Vault 7" Leak Shows CIA Learned From NSA Mistakes
WikiLeaks’ “Vault 7” release appears to confirm that the U.S. National Security Agency (NSA) was behind the threat actor tracked as the “Equation Group.” Documents also show that the Central Intelligence Agency (CIA) learned from the NSA’s mistakes after its activities were exposed by security researchers. read more more…WikiLeaks Releases Details on CIA Hacking Tools
WikiLeaks revealed on Tuesday that it has obtained thousands of files allegedly originating from a high-security network of the U.S. Central Intelligence Agency (CIA). The leak, dubbed “Vault 7,” apparently exposes the CIA’s vast hacking capabilities. read more more…Online password locker LastPass hacked
LastPass users will be prompted to change their master passwords after the online password locker company reported that its network was breached on Friday. The company revealed the breach in a blog post Monday after investigating “suspicious activity” discovered by its security team. According to LastPass, the investigation did not reveal any evidence that the […] more…CRYPVAULT: New Crypto-ransomware Encrypts and “Quarantines” Files
We uncovered a new crypto-ransomware variant with new routines that include making encrypted files appear as if they were quarantined files. These “quarantined” files are appended by a *.VAULT file extension, an antivirus software service that keeps any deleted files for a certain period of time. Antivirus software typically quarantines files that may potentially cause further damage to […] more…Hackers are Cashing in on Instagram Likes
They say popularity has its price. This saying holds a new weight when it comes to the growing influence of social media. In fact, your “Likes” may be worth more to hackers than your credit card number. As counterintuitive as it may seem, your social clout has become the new target of hackers. And they’re […] more…Not so Hack-tastic: Cyber Scams Cost Banks, and You, Millions
This year may just be deemed the era of the cyber security breach, with scores of online attacks running up millions of dollars in damages to a number of financial institutions. The tactics used range from revenge-focused “hacktivism” to illicit credit card scandals—a variety of scams that emphasize just how important it is to use […] more…More information
- Microsoft delivers emergency security update for antiquated IE
- Google bans Android miners from Play Store
- 5 tips to make your Facebook account safer [UPDATED]
- Borked Google Authenticator update wipes iOS user data
- Microsoft Windows Kernel ‘Win32k.sys’ CVE-2013-3167 Local Privilege Escalation Vulnerability
- Flashback botnet not shrinking, huge numbers of Macs still infected
- Microsoft Windows Firewall CVE-2012-0174 Security Bypass Vulnerability
- Senator Asks DoD to Secure Its Websites
- Twitter password recovery bug potentially exposed data of 10,000 users
- Resolved: Outage: Multiple account related services are unavailable