Month: August 2016
-
New ‘Fantom’ Ransomware Poses As Windows Update
New ‘Fantom’ Ransomware Poses As Windows Update http://ift.tt/2bPnXoF New ‘Fantom’ Ransomware Poses As Windows Update Fantom malware comes disguised as a legitimate Microsoft Windows update to trick consumers and business users into downloading it. IT managers have a new ransomware threat on their radar that comes camouflaged as a Critical Windows Update to trick enterprise users…
-
Angler’s obituary: Super exploit kit was the work of Russia’s Lurk group
Angler’s obituary: Super exploit kit was the work of Russia’s Lurk group http://ift.tt/2bFwxpq Ruslan Stoyanov was right: what could be history’s most advanced financially-driven malware was the progeny of some 50 jailed hackers known as the Lurk group. It is a finding that solves the mysterious demise of the world’s most capable exploit kit and…
-
OneLogin breached, hacker finds cleartext credential notepads
OneLogin breached, hacker finds cleartext credential notepads http://ift.tt/2bAjicd Password attic OneLogin has been breached, and it’s bad, because the service that suffered the breach is one often used by people to store credentials like admin password and software keys. The online credential manager says a its Secure Notes facility was breached, allowing the intruder to…
-
iOS 9.3.4 and minor versions are vulnerable to the Trident Exploit
iOS 9.3.4 and minor versions are vulnerable to the Trident Exploit http://ift.tt/2caFWXq Its name is the Trident: a chain of zero-day exploits that aim to infect iPhone with commercial spyware. Researchers linked it to the NSO group. Its name is the Trident: a chain of zero-day exploits that aim to infect iPhone with commercial spyware.…
-
Dropbox Hacked — More Than 68 Million Account Details Leaked Online
Dropbox Hacked — More Than 68 Million Account Details Leaked Online http://ift.tt/2c3FTxo Hackers have obtained credentials for more than 68 Million accounts for online cloud storage platform Dropbox from a known 2012 data breach. Dropbox has confirmed the breach and already notified its customers of a potential forced password resets, though the initial announcement failed…
-
#Malware #Analysis – Dridex Loader – Part 2
#Malware #Analysis – Dridex Loader – Part 2 http://ift.tt/2bInDcs On our last blog post, we performed malware analysis of Dridex and found out how to decode its strings. This gave us more visibility into its intent and functionality. In this part we will continue the analysis and move into getting the Dridex configuration settings and…
-
How to truly benefit from penetration tests and bug bounties via /r/netsec
How to truly benefit from penetration tests and bug bounties http://ift.tt/2cdzuC1 Submitted August 30, 2016 at 10:46PM by dbalut via reddit http://ift.tt/2bZh73e
-
WoSign erroneously issues github.com certificate to unauthorized user, then fails to revoke it. via /r/netsec
WoSign erroneously issues github.com certificate to unauthorized user, then fails to revoke it. http://ift.tt/2bXZOPI Submitted August 31, 2016 at 03:58AM by maha420 via reddit http://ift.tt/2bUqBez
-
Transmission Bittorrent infected again via /r/netsec
Transmission Bittorrent infected again http://ift.tt/2c5eSZa Submitted August 30, 2016 at 06:31PM by nlyx via reddit http://ift.tt/2cpISnb
-
IceCTF – NoSQLi via /r/netsec
IceCTF – NoSQLi http://ift.tt/2bGRf9N Submitted August 30, 2016 at 09:26PM by werrett via reddit http://ift.tt/2c2OCzX