securityXspace: a blog about cyber-philosophy.

SWIFT, the interbank messaging system allegedly targeted by the NSA, says there is no indication its network has been compromised. Source: SWIFT: System Unaffected Following Shadow Brokers Leak

A technique used by marketers and advertisers to track web users and email recipients has been repurposed by cybercriminals and online spies as a way of discovering potential hacking targets, according to new security research. “We’ve seen a lot more … Source: Hackers using pixel tracking to build data for better phishing practices

Ransomware has been around for a few years, but it has become an albatross around everyone’s neck, targeting businesses, hospitals, financial institutions and individuals worldwide and extorting millions of dollars. Forget about developing sophisticated banking trojans and malware to steal money out of people and organizations. Source: Russian Hacker Selling Cheap Ransomware-as-a-Service On Dark Web

The leaked NSA documents and tools published in recent months by the mysterious Shadow Brokers group have provided rare insight into the clandestine digital espionage operations pursued by the spy agency over the past few years, including information … Source: Shadow Brokers leaks show US spies successfully hacked Russian, Iranian targets

Akamai Networks since October has detected and mitigated at least 50 DDoS attacks using Connectionless LDAP. Source: New Breed of DDoS Attack On the Rise

x86, Sparc running Solaris 6-10 at risk – and potentially 11 Now that the sulky Shadow Brokers gang has leaked its archive of stolen NSA exploits, security experts are trawling Uncle Sam’s classified attack code – and the results aren’t good for anyone using Oracle’s Solaris.… Source: Solaris admins! Look out – working remote root…

Boffins say BGP is a threat to the crypto-currency Attacks on Bitcoin just keep coming: ETH Zurich boffins have worked with Aviv Zohar of The Hebrew University in Israel to show off how to attack the crypto-currency via the Internet’s routing infrastructure.… Source: Evil ISPs could disrupt Bitcoin’s blockchain

eWeek Microsoft Set to Patch New Zero – Day Office Vulnerability eWeek Microsoft Office users are under attack today from a zero – day vulnerability that is not set to be patched until April 11. Security firm McAfee first publicly posted about the new zero – day vulnerability in Microsoft Word files on April 7,…

Longhorn: Tools used by cyberespionage group linked to Vault 7: Spying tools and operational protocols detailed in the recent Vault 7 leak have been used in cyberattacks against at least 40 targets in 16 different countries by a group Symantec calls Longhorn. Symantec has been protecting its customers from Longhorn’s tools for the past three…

Security researchers have confirmed that the alleged CIA hacking tools recently exposed by WikiLeaks have been used against at least 40 governments and private organizations across 16 countries. Since March, as part of its “Vault 7” series, Wikileaks has published over 8,761 documents and other confidential information that the whistleblower group claims came from the…