Rockwell Automation released updates for Allen-Bradley Stratix industrial switches that address several DoS flaws introduced by Cisco software. Rockwell Automation released security updates that address several DoS vulnerabilities in its Allen-Bradley Stratix industrial switches introduced by Cisco software. ICS-CERT and Rockwell Automation published three separate advisories to warn of the effects of the vulnerabilities introduced […]
Security experts at Bad Packets uncovered a DNS hijacking campaign that is targeting the users of popular online services, including Gmail, Netflix, and PayPal. Experts at Bad Packets uncovered a DNS hijacking campaign that has been ongoing for the past three months, attackers are targeting the users of popular online services, including Gmail, Netflix, and […]
Security experts at FireEye observed the financially motivated group FIN6 adding the LockerGoga and Ryuk ransomware to its arsenal. According to cybersecurity experts at FireEye, the FIN6 cybercrime group is diversifying its activities and added LockerGoga and Ryuk ransomware to its arsenal. Previous attacks conducted by the FIN6 group aimed at compromising point-of-sale (PoS) systems, […]
A vulnerability could be exploited by attackers to trigger a denial-of-service (DoS) condition on devices running RouterOS. MikroTik routers made the headlines again, the company disclosed this week technical details about a year-old vulnerability that exposes the device to remote attacks. Attackers could exploit the vulnerability to trigger a denial-of-service (DoS) condition on devices running […]
Currently of 300,000+ Magento stores, the vast majority of the installs is still running vulnerable versions of the popular content management system. The problem with patches is that sometimes they fix something and sometimes they break something. Sounds strange, right? Well, let us explain ourselves. See, PRODSECBUG-2198 is a security patch for Magento that fixes […]
Researchers demonstrated that hackers can modify 3D Computer Tomography scans to add or remove evidence of a serious illness, including cancers. A group of researchers from the Ben-Gurion University and the Soroka University Medical Center, Beer-Sheva, in Israel, have demonstrated that hackers can modify 3D medical scans to the result of a clinical examination. Attackers […]
Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. The name ‘Xwo‘ comes from […]
ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. Introduction A few days ago, […]
If you use a Xiaomi smartphone you should be aware that a pre-installed security software could be abused for malicious activities. Bad news for the owners of Xiaomi smartphones, a pre-installed security application could be used as a backdoor by hackers. Security experts at CheckPoint have discovered that a security app, called Guard Provider, that […]
Malware researcher and founder of Yoroi Marco Ramill described a step-by-step procedure that shows how to dissect an Office dropper. During the past few weeks, I received several emails asking how to dissect Office Payloads. While I was thinking about how to answer to such questions I received a MalSpam with a Microsoft Office document […]