The Cybaze-Yoroi ZLab analyzed a new sample of Nanocore Remote Administrator Tools (RAT) using a Delphi wrapper to protect its code. Introduction Historically, cyber-criminals adopted one or more layers of encryption and obfuscation...
Yubico is replacing YubiKey FIPS security keys due to a serious flaw that makes cryptographic operations easier to crack under specific conditions. Yubico is replacing YubiKey FIPS security keys due to a serious issue that flaw that makes it easier...
Hackers are targeting millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions, threat actors leverage the CVE-2019-10149 flaw. Millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions are under...
A security expert at SEC Consult discovered that some WAGO industrial managed switches are affected by several serious vulnerabilities. A security researcher at consulting company SEC Consult discovered several vulnerabilities in some models of WAGO...
Malware infections could be devastating for production environments, a ransomware infection halts production operations for days at airplane parts manufacturer ASCO. ASCO, is of the world's largest manufacturers of aerospace components The company...
Encrypted messaging service Telegram was hit by a major DDoS attack apparently originated from China, likely linked to the ongoing political unrest in Hong Kong. Telegram was used by protesters in Hong Kong to evade surveillance and coordinate their...
Security experts discovered a vulnerability in the popular Evernote Web Clipper for Chrome can be exploited to steal sensitive data from sites visited by users. Security experts at browser security firm Guardio discovered a critical universal cross-site...
Tavis Ormandy, a white hat hacker Google Project Zero announced to have found a zero-day flaw in the SymCrypt cryptographic library of Microsoft's operating system. The recently released Microsoft Patch Tuesday security updates for June 2019 failed...
After two years of silence, FIN8 group is back and carried out a new campaign against the hotel-entertainment industry employing the ShellTea/PunchBuggy backdoor. Two years later after the last report, FIN8 group is back and carried out a new campaign...
The English rock Radiohead released 18-hour trove of private recordings from their 1997 album "OK Computer" in response to the recent hack. The alternative rock band Radiohead released an 18-hour trove of private recordings from their 1997 album...
Yoroi Blog