Are Secure Communications Really Secure? Government Sites Affected by Weak DHE
How secure is online public communication? Last May, a paper was published that discusses Diffie-Hellman (DH) crypto-strength deployment, which gives strong evidence that the current DH usage is weak and suggests that 1024-bit size parameters can be broken with a nation state’s computing power resources. The paper presents possible scenarios where such an incident could occur. They found, […] more…
[1Q 2015 Security Roundup] Bad Ads and Zero Days: Reemerging Threats Challenge Trust in Supply Chains and Best Practices
Best practices are failing. No matter how good you are at sticking to them, they can no longer guarantee your safety against the simplest threats we saw last quarter. Malicious advertisements are in the sites you frequent, data-leaking apps come preinstalled in your gadgets, and data-encrypting malware run silently in your office networks. Even the […] more…
Identifying and Dividing Networks and Users
Proper network segmentation is the most critical proactive step in protecting networks against targeted attacks. It is also important for organizations to properly identify and categorize their own users and the networks they access. This is an important task as it allows an administrator to properly segment both user privileges and network traffic. Some users will […] more…
FBI Public Service Announcement: Defacements Exploiting WordPress Vulnerabilities
The US Federal Bureau of Investigation (FBI) just released a public service announcement (PSA) to the public about a large number of websites being exploited and compromised through WordPress plugin vulnerabilities: Continuous Web site defacements are being perpetrated by individuals sympathetic to the Islamic State in the Levant (ISIL) a.k.a. Islamic State of Iraq and […] more…
How I hacked my smart bracelet
This story began a few months ago when I got a popular brand of fitness bracelet. As this is a wearable device I installed Android Wear app, an application developed especially for wearable devices. This application easily connects to the fitness band. However, there was something odd: the program could connect to a Nike+ Fuel […] more…
Why Websites Get Hacked
I spend a good amount of time engaging with website owners across a broad spectrum of businesses. Interestingly enough, unless I’m talking large enterprise, there is a common question that often comes up: Why would anyone ever hack my website? Depending on who you are, the answer to this can vary. Nonetheless, it often revolves […] more…
The Great Bank Robbery: the Carbanak APT
Download Full Report PDF The story of Carbanak began when a bank from Ukraine asked us to help with a forensic investigation. Money was being mysteriously stolen from ATMs. Our initial thoughts tended towards the Tyupkin malware. However, upon investigating the hard disk of the ATM system we couldn’t find anything except a rather odd […] more…
AdSense Abused with Malvertising Campaign
Last weekend we noticed a large number of requests to scan websites for malware because they randomly redirected to some “magazine” websites. Most of them mentioned the lemode-mgz .com site. In all cases, the symptoms were the same. Some users randomly got redirected when they clicked on links or loaded new pages. They all reported […] more…
State of Play: Network Devices Facing Bulls-eye
A long time has passed since we published our analysis of threats for home network devices. Since then, the situation has significantly changed – alas, not for the better. Back in 2011, we were concerned mainly about the security of SOHO routers, DSL modems and wifi access points. Today, we are talking about the whole […] more…
CVE-2014-4115 Analysis: Malicious USB Disks Allow For Possible Whole System Control
One of the bulletins that was part of the October 2014 Patch Tuesday cycle was MS14-063 which fixed a vulnerability in the FAT32 disk partition driver that could allow for an attacker to gain administrator rights on affected systems, with only a USB disk with a specially modified file system. This vulnerability was also designated […] more…
Threat Introduced via Browser Extensions
We love investigating unusual hacks. There are so many ways to compromise a website, but often it’s the same thing. When we see malicious code on web pages, our usual suspects are: Vulnerabilities in website software; Trojanized software from untrusted sources (e.g. pirated themes and plugins); Stolen or brute-forced credentials (anything from FTP and SSH […] more…
Understanding the WordPress Security Plugin Ecosystem
As a child, did you ever play that game where you sit in a circle and one person is responsible for whispering something into one person’s ear, and that message gets relayed around the circle? Wasn’t it always funny to see what the final message received would be? Oh and how it would have morphed […] more…
IP Reputation and Spam Prevention: Working with Email Providers
Today, spam may not be regarded as the most high-profile concern, but it’s still a serious day-to-day threat. Every month, our users alone have to deal with billions of spam messages. These are also frequently used to deliver malware using attachments or links to malicious sites. One of the most powerful tools in dealing with spam […] more…
Open Socket Poses Risks To Android Security Model
The security of the Android platform is based on its sandbox and permission protection mechanism, which isolates each app and restricts how processes can communicate with each other. However, because it is designed to be open to include other open source projects like Linux and OpenSSL, it can inherit many features as well as vulnerabilities. This means that […] more…
Spike in Health-Themed Spam Marks September-October Spam Threats
In the past few weeks, we’ve seen drastic and noteworthy increases in the number of health-related spam in the wild. Prior to September, this type of spam was relatively rare. However, as September began, these suddenly increased. Over the next few weeks, health-themed spam constituted 30% of the spam we saw, with an average of […] more…
State of Online Commerce 2013: Word Clouds
Online commerce is having a greater impact on our lives as more and more businesses take advantage of these new sales channels, from e-tail to mobile commerce, to creating stand-alone mobile apps. With this in mind, we pinpointed four key topics impacting the eCommerce industry today, and created word clouds based on the data from […] more…
More information
- Don’t count on consistent server performance in the cloud
- Why hackers set their sights on small businesses
- Are IT departments really in retreat, or evolving into new roles?
- Newly found zero-click iPhone exploit used in NSO spyware attacks
- Update: Some student employees are being forced to sign up for 2FA.
- Do you find passwords too darn hard? Then poetry’s your hidden card!
- Feds Charge Two In Lizard Squad Investigation
- Is WordPress Secure?
- Adobe security team posts public key – together with private key
- Hacker claims spyware maker Retina-X has been breached, again