Tag: Feedly

A Few Thoughts on #Cryptographic #Engineering: Is #Apple’s Cloud Key Vault a #crypto #backdoor? http://ift.tt/2bh9hTc .. See it on Scoop.it, via Advanced Threats,Intelligence Technology,CyberSecurity APT via Advanced Threats,Intelligence Technology,CyberSecurity | Scoop.it http://ift.tt/1PrSk69 August 14, 2016 at 03:30AM

DDoSCoin — New Crypto-Currency Pays Users for Participating in DDoS Attacks http://ift.tt/2b3EeZd It’s 2016, and now, you can earn some dollars by contributing into well-organized DDoS attack scheme. Do you know while mining Bitcoins you are actually contributing a significant computational power to keep the Bitcoin network running? In Bitcoins, the miners actually build and…

POS malware stings 20 US hotels http://ift.tt/2bgL27Q Another 20 US hotels have been identified as being infected with point-of-sale malware earlier this year. The dozen affected hotels are run by HEI Hotels & Resorts and bear the Starwood, Westin, Marriott International, Hyatt and InterContinental brands. The chain says the malware campaign ran as far back…

Guccifer 2.0 Leaks Personal Info of Nearly 200 Congressional Democrats http://ift.tt/2aRXUBT The hacker, who recently claimed responsibility for the high-profile hack of Democratic National Committee (DNC), has now taken credit for hacking into the Democratic Congressional Campaign Committee (DCCC) as well. To prove his claims, the hacker, going by the moniker Guccifer 2.0, dumped on…

New Locky Ransomware Spotted in the Brazilian Underground Market, Uses Windows Script Files http://ift.tt/2bw4ttQ Like a game of cat and mouse, the perpetrators behind the Locky ransomware had updated their arsenal yet again with a new tactic—using Windows Scripting File (WSF) for the arrival method. WSF is a file that allows the combination of multiple scripting…

Microsoft Office Word 2007 / 2010 / 2013 / 2016 Remote Code Execution http://ift.tt/2bodW5e Microsoft Office Word versions 2007, 2010, 2013, and 2016 suffer from an out-of-bounds read that allows for remote code execution. This vulnerability is noted in MS16-099. Vulnerabilities via Exploit Files ≈ Packet Storm http://ift.tt/1Fpvz7L August 12, 2016 at 03:18PM

Iran Threats: Documenting Iranian State Sponsored Hacking http://ift.tt/2aMFjkV Iran Threats: Documenting Iranian State Sponsored Hacking: Documenting digital surveillance and espionage campaigns targeting the human rights community, civil society and foreign policy establishment conducted by Iranian actors. BHUSA preso: http://ift.tt/2aMEAQS Tech paper: http://ift.tt/2bgAAte Vulnerabilities via Ecstatic Security http://ift.tt/1TuVnt9 August 11, 2016 at 01:50PM

Microsoft Disables RC4 in Edge and Internet Explorer 11 http://ift.tt/2b3hhEX Starting this week, the RC4 cipher is disabled in Edge (Windows 10) and Internet Explorer 11 (Windows 7 and newer), bringing Microsoft’s browsers in line with Chrome and Firefox. Around for almost 30 years, RC4 has been widely supported by online services and web applications,…

Fresh Baked HOMEKit-made Cookles – With a DarkHotel Overlap http://ift.tt/2aQkB9s Threat actors tend to reuse certain tools, a trend we observed during recent Unit 42 research published on MNKit. In this post, we will discuss a fresh toolkit, which on the surface, appeared similar to MNKit, but functionally was found to be quite different. This…

ProjectSauron: top level cyber-espionage platform covertly extracts encrypted government comms http://ift.tt/2aDBXVK ProjectSauron: top level cyber-espionage platform covertly extracts encrypted government comms: Vulnerabilities via Ecstatic Security http://ift.tt/1TuVnt9 August 10, 2016 at 05:20PM