If anyone reading this works in InfoSec, as I do then you will know that a company’s internal network, once compromised, is now more likely to be ransacked by automated scripts using tools already on the network and white-listed than a piece of malware. This according to researchers with IBM’s X-Force, […]
hackers
15 posts
Hackers are impersonating recruitment agencies on LinkedIn in a bid to target companies with backdoor malware. Researchers at Proofpoint found that the malware campaigns primarily targeted US companies in various industries including retail, entertainment, pharmacy, and others that commonly employ online payments, such as online shopping portals. In a blog […]
Executive Summary Since at least 2015, a suspected South Asian threat grouping known as BITTER has been targeting Pakistan and Chinese organizations using variants of a previously unreported downloader. We have named this malware family ArtraDownloader based on a PDB string discovered within the samples. We’ve observed three variants of this downloader […]
Russian programmer Stanislav Lisov, extradited to the United States from Spain in 2018, pleaded guilty to conspiring to commit a hacker attack, reported TASS with a reference to Russian lawyer Arkady Bukh and the Prosecutor’s Office of the Southern District of New York. Lisov pleaded guilty to one of the […]
Marriott let me know that the hack of their systems released my unencrypted passport number and unencrypted credit card number. Even this information isn’t helpful because they don’t let me know which number or whether or not it’s expired. The data breach compromised 383 million records including 5.25 million unencrypted […]
As North Korea tries to rev up its economy, it may shift its hacking efforts from financial thievery to stealing intellectual property, China-style. That’s according to a contested new theory from cyber security firm CrowdStrike. Why it matters: North Korea is already one of the “big four” hacking threats — along […]
Governments and private organisations have around 20 minutes to detect and contain a hack from Russian nation-state actors. New statistics published today by US cyber-security firm Crowdstrike ranked threat groups based on their “breakout time.” “Breakout time” refers to the time a hacker group takes from gaining initial access to […]
The dump is relatively small, containing around 3MB of files. https://pastebin.com/L48e49AK At the end of July, anonymous hackers published documents stolen from an employee of cybersecurity firm FireEye, and claimed that more data would follow. On Monday, the hackers seemingly followed up, and released a second cache of alleged documents, passwords, and […]
Description Spaghetti is a web application security scanner tool. It is designed to find various default and insecure files, configurations and misconfigurations. Spaghetti is built on python2.7 and can run on any platform which has a Python environment. Installation $ git clone https://github.com/m4ll0k/Spaghetti.git $ cd Spaghetti $ pip install -r […]
Yeah, thanks a lot…. in-case you can’t tell its my sarcasm kicking in. After doing heavy damage to KrebsOnSecurity and other web servers the creator of the Mirai DDoS botnet, a program designed to harness insecure IoT devices to run massive Distributed denial of service attacks, has apparently released the […]
Everyone knows about the joint USA and Israeli malware called Stuxnet that was designed to put a halt to the Iranian nuclear program. According to the new Documentary film Zero Days http://www.imdb.com/title/tt5446858/ Stuxnet was really called Operation Olympic Games. This was from an Anonymous NSA employee that work in TAO, which […]
Internet Explorer is still one of the most used browsers in the world. The fact that it comes pre-installed on both the desktop version of Windows and Windows Phone means that it is probably the default browser for many – and makes it a very lucrative target for hackers. HP […]
1/2 TRILLION spent on IT upgrades, but IRS, Feds still use DOS, Windows 97 President Obama’s team has spent more than a half trillion dollars on information technology but some departments, notably the IRS, still run on DOS and Windows 97, which isn’t serviced any-more by Microsoft, according to House […]
Toronto hackers threatened to leak details including the credit card information, nude photos and sexual fantasies of as many as 37 million customers of a dating website that caters to cheating spouses, the KrebsOnSecurity blog reported. The dating website AshleyMadison.com’s Canadian parent, Avid Life Media, confirmed the breach on its […]
Hackers appear to have stolen the entire user database of cloud-based Bitcoin mining outfit Cloudminr.io and are offering to sell 79,267 accounts including passwords for a single Bitcoin. The Norwegian company’s website is offline and criminal advertisements showcasing some of the CSV database of members has popped up on web […]