Source: Google And Facebook Duped Out Of $100 Million In Phishing Scam
Month: April 2017
Use of DNS Tunneling for C&C Communications
– Say my name. – 127.0.0.1! – You are goddamn right. Network communication is a key function for any malicious program. Yes, there are exceptions, such as cryptors and ransomware Trojans that can do their […]
New MacOS Malware, Signed With Legit Apple ID, Found Spying On HTTPS Traffic
Many people believe that they are much less likely to be bothered by malware if they use a Mac computer, but is it really true? Unfortunately, No. According to the McAfee Labs, malware attacks on […]
Deep-dive into XEE
XML External Entity is a problem faced by many web applications. This site offers an interesting deep dive into the technique and methods of protection: XEE
Mimipenguin
Useful looking tool for dump Linux passwords: Mimipenguin
New OWASP Top 10 Reveals Critical Weakness in Application Defenses
It’s time to move from a dependence on the flawed process of vulnerability identification and remediation to a two-pronged approach that also protects organizations from attacks. Source: New OWASP Top 10 Reveals Critical Weakness in […]
Discovery of 8,800 C2 servers sends warning to Asian cybercriminals
Move shows the importance of international co-operation to take down cybercrime at its roots Source: Discovery of 8,800 C2 servers sends warning to Asian cybercriminals
Unplug the Bitcoin miner and do us all a favour: Antminer has remote shutdown flaw
‘Antbleed’ attack could crock 70 per cent of all mining. Time to try another flavour? A new branded bug ( sigh ) has landed, specific to an ASIC-based Bitcoin miner: dubbed “Antbleed”, it allows remote […]
Almost two million Androids infected by FalseGuide malware, masquerading as game guides
A malware family known as FalseGuide masqueraded as game guides on Google Play to infect nearly two million Android devices. David Bisson reports. Source: Almost two million Androids infected by FalseGuide malware, masquerading as game […]
Hackers exploited Word flaw for months while Microsoft investigated
SAN FRANCISCO (Reuters) – To understand why it is so difficult to defend computers from even moderately capable hackers , consider the case of the security flaw officially known as CVE-2017-0199. The bug was unusually […]