3 future Android features you can give yourself today
Here in the land o’ Android, things are always evolving — and it isn’t only because of big operating system updates. Thanks to the way Google’s for years now been deconstructing Android and pulling OS-level pieces out of the operating system itself — so they exist as regular ol’ apps and can consequently be updated […] more…Chromium explained: How the open-source engine drives today’s browsers
3 facts to know about Chromium > Chromium provides the core engine, network stack, and architecture for Google Chrome, Microsoft Edge, and other major web browsers. The project’s code lineage traces back to 2001, forking from Apple’s WebKit. Unlike Chrome, the pure Chromium build lacks proprietary Google features like automatic updates, licensed media codecs, and […] more…Lazarus targets defense industry with ThreatNeedle
Lazarus targets defense industry with ThreatNeedle (PDF) We named Lazarus the most active group of 2020. We’ve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending on the primary objective. Google TAG has recently published a post about a campaign by Lazarus targeting security researchers. After taking […] more…Let’s Encrypt Begins Retirement of TLS-SNI-01 Validation
Free and open Certificate Authority (CA) Let’s Encrypt today started the process of completely retiring TLS-SNI-01 validation support. read more more…Supply Chain Attack Operation Red Signature Targets South Korean Organizations
by Jaromir Horejsi, Joseph C. Chen, Kawabata Kohei, and Kenney Lu Together with our colleagues at IssueMakersLab, we uncovered Operation Red Signature, an information theft-driven supply chain attack targeting organizations in South Korea. We discovered the attacks around the end of July, while the media reported the attack in South Korea on August 6. The […] more…Cryptojacking Campaign Caught Targeting Over 200,000 MikroTik Routers
Our routers are our connection to the internet, allowing us to use our devices to access websites at our leisure. And because of this, routers are often a target for hackers. In fact, just this week, it was uncovered that MikroTik is the latest router manufacturer under siege, as researchers have discovered a massive Coinhive […] more…Not Only Botnets: Hacking Group in Brazil Targets IoT Devices With Malware
Instances involving compromised devices, botnets, and vulnerabilities have become ordinary occurrences. This makes sense given the increased connectivity today, but ask yourself: What is the most common internet-of-things (IoT) device across network infrastructures, whether in homes or businesses? Answer: the router. Even before the term IoT was coined, we had the routers at the gateway, […] more…Wired and Tired: 6 Ways to Restore What Technology Zaps
I pictured myself at this stage of parenting sitting in a dark forest Yoda-like as younger mothers sheepishly approached in search of wisdom. But reality and time — especially in parenting — become the great equalizers, yes? Even though my kids are now 16 and 22, I more closely resemble a Yo-Yo than the ever-wise […] more…Wired and Tired: 6 Simple Ways to Restore the Things Technology Zaps
I pictured myself at this stage of parenting sitting in a dark forest Yoda-like as younger mothers looked to me for wisdom. But even though my kids are now 16 and 22, it’s confusion, not clarity that invades my decision making. And that whole Yoda thing? Yeah — never gonna happen. Raising kids of any age […] more…Continuous IT audits are needed to combat today’s cyber threats
We find that many IT departments within our clients’ organizations have very talented IT staff, but all too often they don’t have an information security and compliance staff member on board. All too often this role is not in place. So the question is, how can they meet compliance and maintain security of their vital […] more…Windows zero-day exploit used in targeted attacks by FruityArmor APT
A few days ago, Microsoft published the “critical” MS16-120 security bulletin with fixes for vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Silverlight and Microsoft Lync. One of the vulnerabilities – CVE-2016-3393 – was reported to Microsoft by Kaspersky Lab in September 2016. Here’s a bit of background on how this zero-day was discovered. […] more…Zero-Day Attack Discovered in Magnitude Exploit Kit Targeting CVE-2016-1019 in Older Versions of Adobe Flash Player
By Peter Pi, Brooks Li and Joseph C. Chen Following their security advisory last April 5, 2016, Adobe has released an out of band patch today for the vulnerability CVE-2016-1019, which affects Adobe Flash Player. Trend Micro has observed active zero day attacks from the Magnitude Exploit Kit affecting users of Flash 20.0.0.306 and earlier. These attacks are not effective against […] more…Poseidon Group: a Targeted Attack Boutique specializing in global cyber-espionage
During the latter part of 2015, Kaspersky researchers from GReAT (Global Research and Analysis Team) got hold of the missing pieces of an intricate puzzle that points to the dawn of the first Portuguese-speaking targeted attack group, named “Poseidon.” The group’s campaigns appear to have been active since at least 2005, while the very first […] more…The GasPot Experiment: Hackers Target Gas Tanks
Physically tampering with gasoline tanks is dangerous enough, given how volatile gas can be. Altering a fuel gauge can cause a tank to overflow, and a simple spark can set everything ablaze. But imagine how riskier it is if a hacker can do all this remotely, especially now that a number of fuel companies worldwide […] more…Four Steps To An Effective Targeted Attack Response
For many organizations today, the question is no longer if they will fall victim to a targeted attack, but when. In such an event, how an organization responds will determine whether it becomes a serious event or if it stays a mere annoyance. This requires something of a change of mindset for information security professionals. Previous techniques and […] more…Most Common Attacks Affecting Today’s Websites
New web-based attack types and vectors are coming out every day, this is causing businesses, communities and individuals to take security seriously now more than they ever have in the past. This is a huge win for the World Wide Web and it’s a trend that is pushing technology further towards more robust and securely […] more…More information
- virustotal += Baidu-International URL scanner
- Twitter Now Tracking User IP Addresses
- ASUS Italy defaced – Accounts leaked
- Resolved: Ag Engineering Fiber Move. North Halls network, VoIP phone, and CATV outage.
- Apple’s Swift falls back to earth after initial surge
- Orange to install Lookout security software on Android devices
- CryptoLuck Ransomware Emerges
- School From Home: Project-Based Learning
- What’s at risk from nRansom? Your memories of Thomas the Tank Engine
- Microsoft Says Its Services Not Used as Entry Point by SolarWinds Hackers