April 25, 2017  By Pierluigi Paganini   Malware researchers from security firm ESET have discovered a new Linux threat dubbed Shishiga malware targeting systems in the wild.                                  Malware researchers from ESET have discovered a new Linux malware dubbed Linux/Shishiga targeting systems in the wild. The Linux/Shishiga malware uses four different protocols (SSH, Telnet, HTTP and BitTorrent)… Continue reading Linux Shishiga malware, a threat in dangerous evolution

A significant number of today’s malware attacks are through zero-day exploits. The reason – many enterprises do not have the resources to identify zero-day exploit attacks. Relying on their legacy antivirus solution for their system security program, many do believe that they are safe. However, this is far from reality. Legacy antivirus solutions provide cyber… Continue reading Most Present-Day Malware Attacks Exploit Zero-Day Vulnerabilities

Skype has been comprised and targeted by your friendly neighborhood CIA agent as revealed in latest WikiLeaks leak, code-named “Vault 7”. This is not trivial since Skype boasts that it has more than 300 million monthly active users as of March 2016. Recent CIA Wikileaks release mentions “Skype” hack for spying on users, under the… Continue reading Skype hacked by CIA

A new research centre to tackle cyber attacks has been set up in Cardiff.         Launching the Centre of Excellence in Cyber Security Analytics, Cardiff University and Airbus said it was the first of its kind in Europe. Their research will aim to protect corporate IT networks, intellectual property and critical national… Continue reading Cardiff cyber security research centre ‘first in Europe’

By Chris Brook April 24, 2017                                                 The PHP-based webmail package SquirrelMail suffers from a remote code execution vulnerability that could let attackers execute arbitrary commands on the target and compromise the system.   Dawid Golunski, a researcher with Legal Hackers discovered the vulnerability and reported… Continue reading No Fix for SquirrelMail Remote Code Execution Vulnerability

24th April 2017  By Travis Farral   It’s hard to become a threat intelligence pro, but there are three primary ways of going about it.   The cybersecurity skills shortage is nothing new, and as the demand for cybersecurity experts continues to grow — an expected 53% through 2018, according to the Bureau of Labor… Continue reading The Road Less Traveled: Building a Career in Cyberthreat Intelligence

See Also – Rash of in-the-wild attacks permanently destroys poorly secured IoT devices   Zeljka Zorz – April 24, 2017   The author of BrickerBot, which “bricks” IoT devices by rewriting the flash storage space and wiping files, has emerged to explain that the malware first attempts to secure the units without damaging them.  … Continue reading BrickerBot bricked 2 million IoT devices, its author claims

April 23, 2017  By Pierluigi Paganini   As Australia’s newly approved Data Retention law comes into effect, how does the law actually affect the average coutry internet user?               As Australia’s newly approved Data Retention law comes into effect, internet users across the country are frantically searching for a way to dodge government surveillance and ISP… Continue reading What Is Metadata Retention, And How Do You Maintain Your Privacy?

Sec Consult security researchers discovered a vulnerability in Nvidia’s GeForce Experience software that allows attackers to bypass Windows application whitelisting.   Nvidia’s GeForce Experience is a program that Nvidia installs by default in its driver packages. The program, initially designed to provide users with good configurations for computer games so that they run better on… Continue reading Nvidia GeForce Experience Node.js security vulnerability

Routines and techniques build on those of the malware’s predecessor, DressCode. David Bisson | April 22, 2017                                     A new Android malware family is able to blend in with normal network traffic and avoid detection by encrypting its payloads, in order to access internal networks.   The backdoor, known as MilkyDoor, has so… Continue reading MilkyDoor malware turns Androids into backdoors to attack enterprise networks