Executive Summary Since at least 2015, a suspected South Asian threat grouping known as BITTER has been targeting Pakistan and Chinese organizations using variants of a previously unreported downloader. We have named this malware family ArtraDownloader based on a PDB string discovered within the samples. We’ve observed three variants of this downloader […]
Russian programmer Stanislav Lisov, extradited to the United States from Spain in 2018, pleaded guilty to conspiring to commit a hacker attack, reported TASS with a reference to Russian lawyer Arkady Bukh and the Prosecutor’s Office of the Southern District of New York. Lisov pleaded guilty to one of the […]
Marriott let me know that the hack of their systems released my unencrypted passport number and unencrypted credit card number. Even this information isn’t helpful because they don’t let me know which number or whether or not it’s expired. The data breach compromised 383 million records including 5.25 million unencrypted […]
As North Korea tries to rev up its economy, it may shift its hacking efforts from financial thievery to stealing intellectual property, China-style. That’s according to a contested new theory from cyber security firm CrowdStrike. Why it matters: North Korea is already one of the “big four” hacking threats — along […]
Dmitry Artimovich, who on several occasions had been referred to as a “Russian hacker” by the world’s largest news publications (The New York Times, Associated Press), has published the book “ONLINE PAYMENT SOLUTIONS: The evolution of Visa and MasterCard. Regulation and development of payment systems in Europe” In the first Russian […]
In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository contains the original exploit POC, which is being made available for research and education. For a detailed walkthrough of the vulnerability and the […]
The remote execution flaw exists because some field types do not properly sanitize data from non-form sources and this can be exploited to achieve arbitrary PHP code execution. It is deemed highly critical because it can be exploited by unauthenticated attackers and only requires easily achievable user interaction (a visit […]
Linux Kernel is prone to an arbitrary code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the kernel. Failed exploits may result in denial-of-service conditions. The Kernel Address Sanitizer (KASAN) that detects dynamic memory errors within the Linux kernel code has just picked […]
The fundamental challenge of cybersecurity is not new. They have existed as long as computers have been used in sensitive applications in various industries. Industries face these issues following their level of dependency on computer technology on different timescales and context. Likewise in the automotive sector, the potential capabilities fueled by connected technology offer […]
Between the last week of January to February, we noticed an increase in hack tool installation attempts that dropped seemingly random files into the Windows directory. Initially appearing unrelated, analysis showed the final payload to be a Monero cryptocurrency-mining malware variant as it scans for open port 445 and exploit a Windows SMB […]
GitHub revealed on Tuesday that last year it paid out $165,000 to researchers who took part in its public bug bounty program. Security experts also earned significant amounts of money through GitHub’s private bug bounty programs, researcher grants, and a live hacking event. The hacking event took place in August […]
Everyone likes a new Kali update! The big marquee update of this release is the update of Metasploit to version 5.0, which is their first major release since version 4.0 came out in 2011. Metasploit 5.0 is a massive update that includes database and automation APIs, new evasion capabilities, and usability improvements throughout. […]
Governments and private organisations have around 20 minutes to detect and contain a hack from Russian nation-state actors. New statistics published today by US cyber-security firm Crowdstrike ranked threat groups based on their “breakout time.” “Breakout time” refers to the time a hacker group takes from gaining initial access to […]
Cobalt Strike is software for Adversary Simulations and Red Team Operations. What this means is, if you wanted to test your SOC capabilities or IR functions and see how well they do against someone mimicking an APT, this tools allows you to do that. With that said let’s move on. Load […]
TLDR: Canary tokens are not new but can help give you some Intel into your attackers, be it insider or external . If you’re not familiar with the idea of a canary as an early warning system, its origins lie in coal mining. Miners would carry a small bird […]