Game of Threats
Introduction While the way we consume TV content is rapidly changing, the content itself remains in high demand, and users resort to any means available to get at it – including illegal and non-ethical ones like the use of pirated stuff. The world is embracing the idea of paying for entertainment more and more with […]

Hacking microcontroller firmware through a USB
In this article, I want to demonstrate extracting the firmware from a secure USB device running on the Cortex M0. Who hacks video game consoles? The manufacture of counterfeit and unlicensed products is widespread in the world of video game consoles. It’s a multi-billion dollar industry in which demand creates supply. You can now find […]

Analysis of a Chrome Zero Day: CVE-2019-5786
1. Introduction On March 1st, Google published an advisory [1] for a use-after-free in the Chrome implementation of the FileReader API (CVE-2019-5786). Clement Lecigne from Google Threat Analysis Group reported the bug as being exploited in the wild and targeting Windows 7, 32-bit platforms. The exploit leads to code execution in the Renderer process, […]

How Online Scams Drive College Basketball Fans Mad
Sports fans everywhere look forward to mid-March for the NCAA men’s college basketball tournament. However, it’s not just college basketball fans that look forward to this time of year. Cybercriminals use March to launch malicious campaigns in the hopes of gaining access to personal information from unsuspecting fans. Let’s take a look at the most […]

UPnP-enabled Connected Devices in the Home and Unpatched Known Vulnerabilities
by Tony Yang (Home Network Researcher) Earlier this year, users of Chromecast streaming dongles, Google Home devices, and smart TVs were inundated with a message promoting YouTuber PewDiePie’s channel. The hijacking is said to be part of an ongoing subscriber count battle on the video sharing site. The hackers behind it reportedly took advantage of […]

Your Smart Coffee Maker is Brewing Up Trouble
IOT devices are notoriously insecure and this claim can be backed up with a laundry list of examples. With more devices “needing” to connect to the internet, the possibility of your WiFi enabled toaster getting hacked and tweeting out your credit card number is, amazingly, no longer a joke. With that in mind, I began […]

ThinkPHP Vulnerability Abused by Botnets Hakai and Yowai
By Augusto Remillano II Cybercriminals are exploiting a ThinkPHP vulnerability — one that was disclosed and patched in December 2018 — for botnet propagation by a new Mirai variant we’ve called Yowai and Gafgyt variant Hakai. Cybercriminals use websites created using the PHP framework to breach web servers via dictionary attacks on default credentials and […]

New Exploit Kit “Novidade” Found Targeting Home and SOHO Routers
We identified a new exploit kit we named Novidade that targets home or small office routers by changing their Domain Name System (DNS) settings via cross-site request forgery (CSRF), enabling attacks on a victim’s mobile device or desktop through web applications in which they’re authenticated with. Once the DNS setting is changed to that of […]

Helping Kids Deal with the Digital Rejection of ‘Ghosting’
Rejection is the unspoken risk that is present when we enter into any relationship be it a friendship or a love relationship. It’s a painful, inescapable part of life that most of us go to great lengths to avoid. That said, there’s a social media phenomenon called “ghosting” that can take the pain of rejection to […]

New PowerShell-based Backdoor Found in Turkey, Strikingly Similar to MuddyWater Tools
MuddyWater is a well-known threat actor group that has been active since 2017. They target groups across Middle East and Central Asia, primarily using spear phishing emails with malicious attachments. Most recently they were connected to a campaign in March that targeted organizations in Turkey, Pakistan, and Tajikistan. The group has been quite visible since the […]

McAfee Labs 2019 Threats Predictions Report
These predictions were written by Eoin Carroll, Taylor Dunton, John Fokker, German Lancioni, Lee Munson, Yukihiro Okutomi, Thomas Roccia, Raj Samani, Sekhar Sarukkai, Dan Sommer, and Carl Woodward. As 2018 draws to a close, we should perhaps be grateful that the year has not been entirely dominated by ransomware, although the rise of the GandCrab […]

8 Ways to Secure Your Family’s Online Holiday Shopping
It’s officially the most wonderful time of the year — no doubt about it. But each year, as our reliance and agility on our mobile devices increases, so too might our impulsivity and even inattention when it comes to digital transactions. Before getting caught up in the whirlwind of gift giving and the thrill of […]

The Rotexy mobile Trojan – banker and ransomware
On the back of a surge in Trojan activity, we decided to carry out an in-depth analysis and track the evolution of some other popular malware families besides Asacub. One of the most interesting and active specimens to date was a mobile Trojan from the Rotexy family. In a three-month period from August to October […]

Outlaw Group Distributes Botnet for Cryptocurrency-Mining, Scanning, and Brute-Force
We previously blogged about how we uncovered the operations of the hacking group we named Outlaw that uses an Internet Relay Chat (IRC) bot. This follow-up post covers a host part of the botnet operated by the group, which we found attempting to run a script on our IoT honeypot. The attacking bot used a […]

Fake Banking App Found on Google Play Used in SMiShing Scheme
Banks are offering more features and upgrades for their banking apps, and thanks to their convenience more users are adopting mobile banking services around the world. But as new financial technology proliferates and users start to look for apps and other services from their particular bank, opportunities for scammers also increase. One recent example of […]

Perl-Based Shellbot Looks to Target Organizations via C&C
We uncovered an operation of a hacking group, which we’re naming “Outlaw” (translation derived from the Romanian word haiduc, the hacking tool the group primarily uses), involving the use of an IRC bot built with the help of Perl Shellbot. The group distributes the bot by exploiting a common command injection vulnerability on internet of […]

More information
- WA Parliament experiences cybersecurity breach: Report
- Would Facebook and Cambridge Analytica be in Breach of GDPR?
- Cybersecurity M&A Roundup for April 1-11, 2021
- Europol: Criminals Exploit Virus Crisis as Fresh Opportunity
- US science fund pumps $20 million into cybersecurity research
- Android users: beware ‘Invisible Man’ malware disguised as Flash
- Account With Admin Privileges Abused to Install BitPaymer Ransomware via PsExec
- MITRE Hackers’ Backdoor Has Targeted Windows for Years
- Botnet blasts WordPress sites with configuration download attacks
- Information of 883,000 Stolen in Crippling Attack on Hospital Sisters Health System