An air of unease set into the security circles on Sunday as they prepared for the disclosure of high-severity vulnerabilities in the Wi-Fi Protected Access II protocol that make it possible for attackers to eavesdrop Wi-Fi traffic passing between computers and access points. The proof-of-concept exploit is called KRACK, short for Key […]
Hacking
Scam Alert: Your Trusted Friends Can Hack Your Facebook Account
If you receive a message from any of your Facebook Friends asking for urgent help to recover their Facebook account, since they’ve added you as one of their ‘Trusted Contacts‘—just don’t blindly believe it. Researchers have detected a new Facebook phishing scam that can even trick an experienced technical user […]
LOCKY GETS UPDATED TO ‘YKCOL’, PART OF RAPID-FIRE SPAM CAMPAIGNS
Cybercriminals behind the Locky ransomware have revamped the malware’s code three times in 30-day period and blasted out massive spam campaigns. According to researchers at Trustwave, the latest variant of Locky ransomware is called Ykcol (that’s Locky spelled backwards) and was part of a Sept. 19 spam blast targeting 3 […]
Hackers were able to steal $60 million from Taiwanese bank.
Last week, a hacking group was able to abuse the SWIFT (the Society for Worldwide Interbank Financial Telecommunications) banking network to steal $60 million after installing malware on a Taiwanese bank’s servers. The Far Eastern International Bank has admitted that malware had been found on its machine systems, affecting PCs […]
iOS Flaw Makes Apple ID Passwords Prone to Phishing Attacks
According to the findings of Felix Krause, a mobile app developer and founder of Fastlane, there is a flaw in iOS that is potentially dangerous for the security of users’ passwords. In his blog post, Krause explained that cybercriminals could use pop-up dialog boxes to carry out phishing attacks so that an unsuspecting user could be […]
Unpatched SQLi vulnerability in SmartVista e-commerce suite
Companies using SmartVista, the popular e-commerce/payment management product suite developed by Swiss company BPC Banking Technologies, are urged to put limit access to its management interface. That’s because Rapid7 researcher Aaron Herndon found a SQL injection vulnerability in it, and BPC has shown no indication that it’s going to fix […]
SEC spoofed, malware hosted on US gov’t server in new DNS attack
Researchers have discovered a new version of the DNS Messenger attack which masquerades as the US Securities and Exchange Commission (SEC) and hosts malware on compromised government servers. On Wednesday, security researches from Cisco Talos revealed the results of an investigation into DNS Messenger, a fileless attack which uses DNS […]
ASD revealed hacker stole 30GB of sensitive data on Australia’s military capabilities
The Australia’s foreign intelligence agency, the Australian Signals Directorate (ASD), admitted a hacker has stolen over 30 GB of military documents. Stolen data includes details on fighter jets, military aircraft, and naval ships. The hacker stole the huge trove of confidential data on military capabilities at an unnamed Department of […]
FIN7 Hackers Change Attack Techniques
The financially-motivated FIN7 hacking group recently switched to a new delivery technique and has been employing a different malware obfuscation method, ICEBRG security researchers reveal. Highly active since the beginning of 2017, FIN7 (also known as Anunak, or Carbanak) started distributing malware via LNK files embedded in Word documents using […]
North Korea hackers threaten Irish companies with ‘almost daily’ attacks
State-sponsored hackers from North Korea are launching almost daily attacks on Irish companies and critical infrastructure North Korean state-sponsored hackers are launching almost daily attacks on Irish companies and critical infrastructure, they are also suspected to be responsible for the €4.3m cyber heist on Meath County Council in October 2016. […]