April 25, 2017 By Pierluigi Paganini Malware researchers from security firm ESET have discovered a new Linux threat dubbed Shishiga malware targeting systems in the wild. Malware researchers from ESET have discovered a new Linux malware dubbed Linux/Shishiga targeting systems in the wild. The Linux/Shishiga malware uses four different protocols (SSH, Telnet, HTTP and BitTorrent)… Continue reading Linux Shishiga malware, a threat in dangerous evolution
Most Present-Day Malware Attacks Exploit Zero-Day Vulnerabilities
A significant number of today’s malware attacks are through zero-day exploits. The reason – many enterprises do not have the resources to identify zero-day exploit attacks. Relying on their legacy antivirus solution for their system security program, many do believe that they are safe. However, this is far from reality. Legacy antivirus solutions provide cyber…
Skype hacked by CIA
Skype has been compromised and targeted by your friendly neighborhood CIA agent, as revealed in the latest WikiLeaks leak, code-named “Vault 7”. This is not trivial since Skype boasts that it has more than 300 million monthly active users as of March 2016. Recent CIA WikiLeaks release mentions “Skype” hack for spying on users, under the…
Cardiff cyber security research centre ‘first in Europe’
A new research centre to tackle cyber attacks has been set up in Cardiff. Launching the Centre of Excellence in Cyber Security Analytics, Cardiff University and Airbus said it was the first of its kind in Europe. Their research will aim to protect corporate IT networks, intellectual property and critical national…
No Fix for SquirrelMail Remote Code Execution Vulnerability
By Chris Brook April 24, 2017 The PHP-based webmail package SquirrelMail suffers from a remote code execution vulnerability that could let attackers execute arbitrary commands on the target and compromise the system. Dawid Golunski, a researcher with Legal Hackers, discovered the vulnerability and reported…
The Road Less Traveled: Building a Career in Cyberthreat Intelligence
24th April 2017 By Travis Farral It’s hard to become a threat intelligence pro, but there are three primary ways of going about it. The cybersecurity skills shortage is nothing new, and as the demand for cybersecurity experts continues to grow — an expected 53% through 2018, according to the Bureau of Labor…
BrickerBot bricked 2 million IoT devices, its author claims
Zeljka Zorz – April 24, 2017 The author of BrickerBot, which “bricks” IoT devices by rewriting the flash storage space and wiping files, has emerged to explain that the malware first attempts to secure the units without damaging them. …
What Is Metadata Retention, And How Do You Maintain Your Privacy?
April 23, 2017 By Pierluigi Paganini As Australia’s newly approved Data Retention law comes into effect, how does the law actually affect the average country internet user? As Australia’s newly approved Data Retention law comes into effect, internet users across the country are frantically searching for a way to dodge government surveillance and ISP…
Nvidia GeForce Experience Node.js security vulnerability
Sec Consult security researchers discovered a vulnerability in Nvidia’s GeForce Experience software that allows attackers to bypass Windows application whitelisting. Nvidia’s GeForce Experience is a program that Nvidia installs by default in its driver packages. The program, initially designed to provide users with good configurations for computer games so that they run better on…
MilkyDoor malware turns Androids into backdoors to attack enterprise networks
Routines and techniques build on those of the malware’s predecessor, DressCode. David Bisson | April 22, 2017 A new Android malware family is able to blend in with normal network traffic and avoid detection by encrypting its payloads, in order to access internal networks. The backdoor, known as MilkyDoor, has so…