Hacking

Security experts at CSE CybSec ZLab malware Lab have conducted an interesting analysis of the principal Ransomware-as-a-Service platforms available on the dark web. Over the years, the diffusion of darknets has created new illegal business models. Along with classic illegal goods such as drugs and payment card data, other services appeared in […]

The authors of the XiaoBa ransomware have retooled their malware’s code into a cryptocurrency miner (coinminer). Unfortunately, despite not encrypting files anymore, the XiaoBa coinminer still destroys users’ data thanks to a series of bugs that primarily corrupt a user’s executable files. History of the XiaoBa ransomware The XiaoBa ransomware […]

Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier […]

Intel announced a new Threat Detection Technology and a framework of critical root-of-trust hardware security capabilities in its chips. Intel continues to innovate its products, the tech giant announced two new technologies, the Threat Detection Technology (TDT) and Security Essentials. The Threat Detection Technology leverages the silicon-level telemetry and functionality to allow […]

Bad news if you’re one of the hundreds of millions of online banking users around the world. The chances are your bank’s website and web apps are horribly insecure. Researchers at security firm Positive Technologies, which has a commercial stake in securing web apps, tested 33 websites and services using its […]

Security experts at Cisco’s Talos group have discovered a total of 17 vulnerabilities in Moxa EDR-810 industrial routers manufactured by Moxa. The Moxa EDR-810 is an integrated industrial multiport router that implements firewall, NAT, VPN and managed Layer 2 switch capabilities. These devices are used in industrial environments to protect systems such […]

Gootkit banking trojan is still being distributed via the Mailgun SMTP sending service, using Microsoft’s One drive business file hosting service to deliver the malicious macro enabled word docs that in turn download the gootkit banking trojan payload from another site.  These use compromised mail accounts or websites  to relay […]