Researchers demonstrated that it is possible to rapidly clone the wireless key fob of the expensive Tesla Model S and possibly other vehicles. The team of experts COSIC research group at the KU Leuven University in Belgium has devised a new relay attack against the Passive Keyless Entry and Start (PKES) system that is used by many cars […]
Zero-day broker Zerodium has disclosed a NoScript vulnerability that could be exploited by attackers to execute arbitrary JavaScript code in the Tor Browser. Zero-day broker Zerodium has disclosed a NoScript vulnerability that could be exploited by attackers to execute arbitrary JavaScript code in the Tor Browser. NoScript is a popular Firefox extension that protects users against malicious scripts, it only allows […]
Security experts observed the LuckyMouse APT group using a digitally signed 32- and 64-bit network filtering driver NDISProxy in recent attacks. Security experts from Kaspersky have observed the LuckyMouse APT group (aka Emissary Panda, APT27 and Threat Group 3390) using a digitally signed 32- and 64-bit network filtering driver NDISProxy in recent attacks. The APT group […]
A new report from the U.S. Government Accountability Office (GAO) provides detailed information of the Equifax hack. The Equifax hack occurred in May 2017 when attackers exploited the CVE-2017-5638 Apache Struts vulnerability in the Jakarta Multipart parser upload function. The flaw allowed the attacker to make a maliciously crafted request to an Apache web server and gain access […]
Security experts with Unit 42 at Palo Alto Networks have discovered new variants of the Mirai and Gafgyt IoT malware targeting enterprises. Both botnets appear very interesting for two main reasons: The new Mirai variant targets the same Apache Struts vulnerability exploited in the 2017 Equifax data breach. The vulnerability affects the Jakarta Multipart parser upload […]
A growing number of iOS apps currently collect location data, WiFi network IDs and other data, from iPhone users and sell them to monetization firms. A group of security researchers that developed the popular Guardian mobile firewall app revealed that a growing number of iOS apps currently collect location data, WiFi network IDs and other data, from […]
At the end of August, security experts discovered a new exploit kit called Fallout that is being used to distribute the GandCrab ransomware. At the end of August, the threat analyst nao_sec discovered a new exploit kit called Fallout that is being used to distribute the GandCrab ransomware and other malicious codes, including droppers and potentially unwanted […]
Researchers from Kaspersky have published a new report on the attacks on ICS systems observed by its products in the first half of 2018. Kaspersky Lab experts have published a new report titled âThreat Landscape for Industrial Automation Systemsâ report for H1 2018, that includes interesting data related to attacks against the ICS systems. The security […]
Andrei Tyurin, the man that is accused to be the responsible for major cyber attacks against financial institutions, including JPMorgan Chase, was extradited to the United States from Georgia. The Russian citizen Andrei Tyurin (35) was extradited to the United States from Georgia on Friday, the man charged over the massive theft of customer data from JPMorgan Chase […]
UK NCA arrested a member of the Apophis Squad hacker group that launched distributed denial-of-service (DDoS) attacks against many organizations, including ProtonMail. The U.K. National Crime Agency (NCA) announced the arrest of the 19-year-old George Duke-Cohan from Hertfordshire that was involved in the ProtonMail DDoS attack. The teenager, aka â7R1D3N7,â âDoubleParallaxâ and âoptcz1,âwas arrested on August 31 and is still in […]