Stolen D-Link Certificate Used to Digitally Sign Spying Malware
Digitally signed malware has become much more common in recent years to mask malicious intentions. Security researchers have discovered a new malware campaign misusing stolen valid digital certificates from Taiwanese tech-companies, including D-Link, to sign their malware and making them look like legitimate applications. As…
Using a simple Google query to mine passwords from dozens of public Trello boards
Kushagra Pathak, a Security researcher, published a great text related to mining confidential data using Google search. We have reprinted his text below, while you can find original text at following URL: https://medium.freecodecamp.org/discovering-the-hidden-mine-of-credentials-and-sensitive-information-8e5ccfef2724 How I used a simple Google query to mine passwords from dozens…
Two Zero-Day Exploits Found After Someone Uploaded ‘Unarmed’ PoC to VirusTotal
Security researchers at Microsoft have unveiled details of two critical and important zero-day vulnerabilities that had recently been discovered after someone uploaded a malicious PDF file to VirusTotal, and get patched before being used in the wild. In late March, researchers at ESET found a…
RAMpage Attack Explained—Exploiting RowHammer On Android Again!
A team of security researchers has discovered a new set of techniques that could allow hackers to bypass all kind of present mitigations put in place to prevent DMA-based Rowhammer attacks against Android devices. Dubbed RAMpage, the new technique (CVE-2018-9442) could re-enable an unprivileged Android…
Defending Against Illicit Cryptocurrency Mining Activity
The popularity of cryptocurrency, a form of digital currency, is rising; Bitcoin, Litecoin, Monero, Ethereum, and Ripple are just a few types of the cryptocurrencies available. Though cryptocurrency is a common topic of conversation, many people lack a basic understanding of cryptocurrency and the risks…
Google Home’s data leak proves the IoT is still deeply flawed
Google / WIRED / Artizarus The Internet of Things (IoT) security problem isn’t going away. The connected network of billions of devices – from smart doorbells to office printers – is regularly found to have privacy problems and be open to attack by potential hackers….
Magento Hackers Using Simple Evasion Trick to Reinfect Sites With Malware
Security researchers have been warning of a new trick that cybercriminals are leveraging to hide their malicious code designed to re-introduce the infection to steal confidential information from Magento based online e-commerce websites. So, if you have already cleaned up your hacked Magento website, there…
Intelligent IoT Vulnerability Scanner for communication service providers launched to assess and predict cybersecurity risks
Dojo by BullGuard, a provider of IoT security platform for Communication Service Providers (CSPs), has launched the Dojo Intelligent IoT Vulnerability Scanner for CSPs. Designed as an easy-to-use, free app for customers, the Dojo Intelligent Scanner is powered by the Dojo IoT Security Intelligent Platform (DIP), a…
Z-Wave Downgrade Attack Left Over 100 Million IoT Devices Open to Hackers
Researchers have found that even after having an advanced encryption scheme in place, more than 100 million Internet-of-Things (IoT) devices from thousands of vendors are vulnerable to a downgrade attack that could allow attackers to gain unauthorized access to your devices. The issue resides in…
Stay connected