Here's why the scanners on VirusTotal flagged Hello World as harmful

Last week, on August 10, a security researcher who goes by the handle "zerosum0x0" posted an interesting image to Twitter: the code behind a debug build of an executable. The code was 'Hello World' – the training example used...

08/16/17

Kaspersky discovers supply-chain attack at NetSarang

While investigating suspicious DNS requests for a financial institution, researchers at Kaspersky discovered a backdoor in recently updated copies of software released by NetSarang, a developer of management tools for servers and...

08/15/17

Attackers experimenting with CVE-2017-0199 in recent phishing attacks

Researchers at Trend Micro and Cisco's Talos have identified a new wave of phishing attacks leveraging CVE-2017-0199, a previously-patched remote code execution vulnerability in the OLE (Windows Object Linking and Embedding) interface...

08/15/17

Cylance blamed for DirectDefense’s ‘botnet’ disclosure

Twenty-four hours after Carbon Black responded to a report from DirectDefense that their Cb Response product was leaking customer information (it doesn't), one company executive is pointing the finger at Cylance as the source of the...

08/10/17

Pentest firm calls Carbon Black "world’s largest pay-for-play data exfiltration botnet"
Update

On Wednesday, DirectDefense, Inc. disclosed that they've discovered hundreds of thousands of files from Carbon Black customers. The discovery is said to pose a significant risk to Carbon Black's clients, because of the company's...

08/09/17

Engineering firm exposes SCIF plans and power vulnerability reports

Chris Vickery, director of cyber risk research at UpGuard, Inc., says that a misconfigured Rsync server maintained by Power Quality Engineering, Inc. (PQE) exposed client information pertaining to critical infrastructure for the City...

08/07/17

Hackers claim credit for alleged hack at Mandiant, publish dox on analyst
Update

Late Sunday evening, someone posted details alleged to have come from a compromised system maintained by Adi Peretz, a Senior Threat Intelligence Analyst at Mandiant. The leaked records expose the analyst from both a personal and...

07/31/17

The congestion at DEF CON 25 is rough, don’t forget about DEF CON TV

The lines at DEF CON 25 are clogging the hallways at Caesars in Las Vegas. However, it’s still possible to catch the talks, thanks to DEF CON TV.

07/28/17

Adobe announces end-of-life for Flash, the InfoSec world cheers

Support for Flash Player will end in 2020, so now is the time for website owners to migrate from it.

07/26/17

Las Vegas UPS Store makes risk adjustments due to DEF CON

The UPS Store in Caesars Palace is preparing to host thousands of hackers this weekend by issuing a warning to hotel guests who are looking for printing services – no USB printing and no links.

07/25/17

Configuration errors blamed for sensitive data exposed via Google Groups

Researchers at RedLock, working within the Cloud Security Intelligence team, say they've discovered hundreds of organizations exposing sensitive data via Google Groups, pinning the cause on basic configuration issues.

07/24/17

Scammers demand Bitcoin in DDoS extortion scheme, deliver empty threats

The FBI has issued an advisory to businesses over a recent string of DDoS extortion attempts. The perpetrators are claiming to be affiliated with Anonymous or Lizard Squad, and their demands threaten sustained attacks unless a Bitcoin...

07/19/17

A Blue Team's reference guide to dealing with Ransomware

Ransomware has been around since 2013, but it was the success of CryptoLocker that spawned a booming vertical market for criminals. Last week, as June came to a close, criminals leveraged the fear associated with the Petya Ransomware...

07/05/17

Developer uses code to get revenge on tech support and IRS scammers

Tech support and IRS scams have become as common as random emails proclaiming that you've won the lottery, or emails from a prince in some foreign land who wants to share their wealth. One potential victim used a bit of code to take...

06/25/17

Republican data analytics firm exposes voting records on 198 million Americans

Researcher Chris Vickery has discovered nearly 200 million voter records in an unsecured Amazon S3 bucket maintained by Deep Root Analytics (DRA), a big data analytics firm that helps advertisers identify audiences for political ads....

06/19/17

It's time to update XP, Windows Server 2003 despite Microsoft's emergency patch

Windows XP and Windows Server 2003 are supposed to be dead, but Microsoft's emergency update to address serious vulnerabilities gives organizations another excuse to hang on to these legacy operating systems a little longer.

06/15/17

Recap: News agency hack blamed for diplomatic meltdown in Qatar

Early Monday morning in Bahrain, the country's Foreign Affairs Ministry said the nation has severed diplomatic ties with Qatar. Within minutes of Bahrain's announcement, the United Arab Emirates, Saudi Arabia, and Egypt followed suit....

06/05/17

Proposed 'hack back' law would not have stopped WannaCry

On Monday, the Financial Times published a story concerning a proposed bill from Representative Tom Graves, a Republican from Georgia's 14th district. Graves has proposed changing the Computer Fraud and Abuse Act (CFAA) to allow...

05/25/17

27 arrested for black box ATM attacks across Europe

Europol said in a statement last week that 27 people have been arrested for their connection to a string of successful black box attacks against ATMs across Europe. Since 2016, these attacks have resulted in more than €45 million in...

05/22/17

DHS wargames included a scenario similar to WannaCry

In March of 2016, the Department of Homeland Security conducted a national exercise to see how the government and the private sector would react to a multi-sector cyberattack on critical infrastructure. The scenario included malware...

05/17/17
