Haythem Elmir

A mitigation mechanism is available for all victims who are under a DDoS attack carried out via Memcached servers. This mitigation technique relies on the attacked victim sending a « flush_all » command back to the attacking servers. The measure was proposed last week by Dormando, one of the Memcached server developers. […]

Firefox 60 will feature a new component named Policy Engine that will provide GPO support on Windows, allowing system administrators to control Firefox instances deployed across an internal network. Work on this feature has been progressing according to plan, and its launch is still scheduled for Firefox 60 — Firefox […]

Malware authors can exploit a flaw in the Windows Code Integrity Guard (CIG) security mechanism to inject malicious, unsigned code into CIG-protected applications, considered to be immune to such attacks. The technique —named CIGslip— impacts Microsoft’s Code Integrity Guard (CIG), a security system that Microsoft first introduced in 2015 with […]

Proof-of-concept code to run massive DDoS attacks using unsecured Memcached servers has been published online this week, along with a ready-made list of over 17,000 IP addresses belonging to vulnerable Memcached servers. Two, and not one, of such proof-of-concept (PoC) utilities, have been released, both uniques in their own way. […]

In July of last year, an Israeli cryptocurrency venture called Coindash was preparing for the Initial Currency Offer (ICO), but as soon as the sale began, a hacker intercepted the company’s website and stole about 43,000 worth of Ethereum. At the time, the stolen cryptocurrency equivalent to the US $ 7.4 million, but today […]

A new cryptocurrency-stealing malware dubbed as ComboJack has been discovered by Palo Alto Networks Unit 42 and Proofpoint researchers. It has been targeting cryptocurrencies and digital wallets belonging to American and Japanese users while the malware is being distributed via email spam campaign. Fake Passport Email The malicious emails contain […]

Palo Alto Networks discovered a malware dubbed ComboJack that is able of detecting when users copy a cryptocurrency address and alter clipboards to steal cryptocurrencies and payments. Crooks continue to focus their interest in cryptocurrencies, security researchers at Palo Alto Networks have spotted a strain of malware dubbed ComboJack that is […]

Academics have designed a new facial recognition system that relies on the way light patterns reflect off the human face to distinguish between individuals, and on the speed with which the system reads the reflected light to detect forgery attempts. The new system is named Face Flashing, and besides a […]

Last week, security firm Bitdefender, the Romanian Police, and Europol allegedly gained access to the GandCrab Ransomware’s Command & Control servers, which allowed them to recover some of the victim’s decryption keys. This allowed Bitdefender to release a tool that could decrypt some victim’s files. After this breach, the GandCrab developers stated that they would release a […]