The experts at Yoroi-Cybaze ZLab discovered a new wave of attacks linked to the cyber espionage campaign tracked as Roma225. Introduction Few months ago we started observing a cyber operation aiming to attack private companies in various business sectors, from automotive to luxury, education, and media/marketing. The attack attribution is still unclear but the large scale of […]
Researchers discovered two serious flaws, QualPwn bugs, in Qualcomm’s Snapdragon SoC WLAN firmware that could be exploited to hack Android device over the air. Security experts at Tencent Blade, the security elite unit at Tencent, have discovered two severe vulnerabilities, QualPwn bugs, that could “allow attackers to compromise the Android Kernel over-the-air. “QualPwn is a […]
The STRONTIUM Russia-linked APT group is compromising common IoT devices to gain access to several corporate networks. Researchers at Microsoft observed the Russia-linked APT group STRONTIUM abusing IoT devices to gain access to several corporate networks. The STRONTIUM APT group (aka APT28, Fancy Bear, Pawn Storm, Sofacy Group, and Sednit) has been active since at least 2007 and it has […]
StockX, the live marketplace for buying and selling limited edition sneakers, watches, handbags, and streetwear, announced a data breach. StockX is a live marketplace for buying and selling limited edition sneakers, watches, handbags, and streetwear, the company announced that the sneaker and streetwear buying platform had been hacked. An unauthorized user was able to access customer data, […]
Recently a data-wiping malware tracked as GermanWiper has been targeting German organizations, the malicious code is pushed via phishing messages. GermanWiper is being distributed in Germany through spam messages that pretend to be emails sent by a job applicant named Lena Kretschmer that is submitting her resume. The messages have the subject “Ihr Stellenangebot – Bewerbung [Your job offer – […]
Security experts from ESET uncovered a cyber-espionage group tracked as Machete that stole sensitive files from the Venezuelan military. Security experts from ESET reported that a cyberespionage group tracked as Machete has stolen sensitive files from the Venezuelan military. The group has been active since 2010 and hit military organizations and other high-profile targets worldwide. […]
While driving to work I have seen the advertisement of a Fireworks Festival that’s going to happen in the city. What about hacking Radio Blasting Systems? And, as usual, my curiosity brought me to one question: “How they trigger the fireworks?” Back when I was a contractor I have worked for a company which the […]
A crook involved in a spear phishing scheme and that was in Kenya is facing up to 20 years in the US federal prison for stealing thousands of dollars from US universities. Amil Hassan Raage, 48, pleaded guilty last week in a southern California court to fraudulently receiving almost $750,000 as part of a spear phishing scheme. […]
It has happened again, for the second time in a few days, Houston County Schools in Alabama delayed the school year’s opening due to a malware attack. The long wave of malware attacks against US schools continues, for the second time in a week, the Houston County Schools in Alabama delayed the school year’s opening scheduled for […]
Malware researchers from enSilo have spotted a new variant of the DealPly adware that uses a new method to avoid detection. Researchers from enSilo have discovered a new variant of the modular DealPly adware that abuses the reputation services provided by Microsoft’s SmartScreen (aka Windows Defender SmartScreen) and McAfee’s WebAdvisor to avoid detection. The main […]