Attackers demonstrated the power of an IoT-fueled botnet in 2016 when the Mirai botnet took down major websites like Reddit, Twitter and GitHub. Despite the damages, no significant changes to the IoT industry occurred. As a matter of fact, consumers continue to purchase and deploy IoT devices with little care outside the guarantee that the device works and the price tag is cheap. Manufacturers continue to pump...
Netflix is home to more than 100 million users from around the world, and since it is a paid service, the chances of online threats against the service are higher than usual. Recently, HackRead detected a phishing scam that targets the personal and financial data of Netflix users in the name of updating their payment method. Although there is nothing new about Netflix scams, when a phishing email comes right in your...
In a Dark Web marketplace, one can buy anything from illegal drugs to weapons, fake documents to malicious software and even stolen databases. Although buying and selling have slowed down after the shutdown of the Hansa and AlphaBay marketplaces, that does not mean it has been fully curbed. Recently, the dark web monitoring firm 4iQ discovered a massive 41GB data file containing 1.4 billion login credentials including emails and...
Despite the huge impact WannaCry and NotPetya had on organizations, the two ransomware campaigns earlier this year did little to affect budgets or boardroom interest in security, according to a new study. AlienVault polled over 230 information security professionals around the world to see if anything had changed following the two major attack campaigns of May and June. The bad news is that only 14% have...
The Indian Defence Ministry has advised troops stationed on the Chinese border to uninstall Chinese-made apps from their smartphones. In an advisory sent to troops at the end of November, Indian authorities warned soldiers that Chinese apps transmit user data back to servers located in China, and the Chinese government may use data collected by these services to pinpoint their location across the border. Advisory...
HP has released driver updates for hundreds of notebook models to remove debugging code that an attacker could have abused as a keylogger component. The keylogging code was present in the SynTP.sys file, which is part of the Synaptics Touchpad driver that ships with some HP notebook models. “The logging was disabled by default but could be enabled by setting a registry value,” said Michael Myng,...
Description: A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with...
A vulnerability in the mobile apps of major banks could have allowed attackers to steal customers’ credentials including usernames, passwords, and PIN codes, according to researchers. The flaw was found in apps by HSBC, NatWest, Co-op, Santander, and Allied Irish Bank. The banks in question have now all updated their apps to protect against the flaw. Uncovered by researchers in the Security and Privacy Group...
Researchers have discovered a method that hackers could use to stealthily exfiltrate data from air-gapped industrial networks by manipulating the radio frequency (RF) signal emitted by programmable logic controllers (PLCs). Attackers may be able to plant a piece of malware on an isolated network, including via compromised update mechanisms or infected USB drives, but using that malware to send valuable data outside the organization poses...
Today, at the Black Hat Europe 2017 security conference in London, two security researchers from cyber-security firm enSilo have described a new code injection technique called “Process Doppelgänging.” This new attack works on all Windows versions and researchers say it bypasses most of today’s major security products. Process Doppelgänging is somewhat similar to another technique called Process Hollowing, but with a twist, as it utilizes...