Hacking

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. A new cyber espionage group tracked as Gallmaker appeared in the threat landscape. According to researchers from Symantec, who first spotted the threat actor, the group has launched […]

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates Security experts from security firm SEC Consult have identified over 100 companies that buy and re-brand video surveillance equipment (surveillance cameras, digital video recorders (DVRs), and network video recorders […]

Security researchers at NetLab, a sub-division of the Chinese cybersecurity firm Qihoo 360, have discovered a new, wide-scale, and very active malware campaign that has managed to hijack more than 100,000 home routers between Sept 21 and 27. A majority of routers (almost 88%) are located in Brazil. The malware […]

Apple has released a new round of security updates for iOS 12 and iCloud that resolve numerous vulnerabilities. For iOS, these updates resolve two passcode bypasses and for iCloud there are numerous, including critical, vulnerabilities that were fixed. Included in this update are also fixes for the charging and WiFi bugs that […]

A zero-day vulnerability tied to the Window’s Win32k component is under active attack, warns Microsoft. Microsoft has issued a patch for a zero-day bug being actively being exploited in the wild, as part of its Patch Tuesday security bulletin. The vulnerability is an elevation-of-privilege flaw, rated important, affecting the Windows […]

New Intel Coffee Lake CPUs offer hardware-based protections against some -but not all- Spectre and Meltdown variants. Intel’s new ninth-generation CPUs come packed with hardware-based protections against two variants of the infamous Meltdown and Spectre speculative execution attacks. The ninth-generation desktop Core processors are dubbed Coffee Lake, and became available […]

Security researchers who devised last year the Key Reinstallation Attack, aka KRACK attack,  have disclosed new variants of the attack. Security researchers Mathy Vanhoef and Frank Piessens who devised last year the Key Reinstallation Attack against WPA, aka KRACK attack,  have disclosed new variants of the attack. Last year, boffins discovered several key […]

While most phishing campaigns are fairly simplistic in nature and easy to spot (they usually involve a legitimate-looking email, often with a malicious attachment or link embedded in the text), a spam campaign we observed in September indicates attackers are angling towards a more sophisticated form of phishing. The campaign […]

Security experts from Digital Shadows have conducted an interesting study about the technique adopted by crooks to infiltrate company emails, so-called BEC scam. According to the FBI, the number of business email account (BEC) and email account compromise (EAC) scam incidents worldwide reached 78,000 between October 2013 and May 2018. Business email […]