

An underground market peddling hacked servers was a unique find, even for a seasoned researcher such as Juan Andres Guerrero-Saade of Kaspersky Lab.

Over the last two years a new kind of underground market has flourished, and xDedic is a perfect example. “xDedic” is a trading platform where cybercriminals can purchase any of over 70,000 hacked servers from all around the internet. It appears to be run by a Russian-speaking group of hackers.

Loosely coupled microservices and swarms of databases are the new blob-busting hotness.



Much has been reported and discussed about the bank heists that affected Bangladesh, Vietnam, and Ecuador. All three cases involved the Society for Worldwide Interbank Financial Transfers (SWIFT), a system that financial and banking institutions worldwide use to communicate financial messages or instructions, and which has more than 10,000 customers from the financial sector: banks, brokerage institutions, foreign exchanges, and investment firms, among others.

Memory deduplication is a popular technique to reduce the memory footprint of a running system by merging memory pages with the same contents. Until recently, its primary use was in virtualization solutions, allowing providers to host more virtual machines with the same amount of physical memory [32], [34], [7]. The last five years, however, have witnessed an increasingly widespread use of memory deduplication, with Windows 8.1 (and later versions) adopting it as a default feature inside the operating system itself [6].


DRAM, dude! Rowhammer brings down secure browser


In the first week of May 2016, FireEye’s DTI identified a wave of emails containing malicious attachments being sent to multiple banks in the Middle East region. The threat actors appear to be performing initial reconnaissance against would-be targets, and the attacks caught our attention since they were using unique scripts not commonly seen in crimeware campaigns.

CVE-2015-2545: overview of current threats

CVE-2015-2545 is a vulnerability discovered in 2015 and corrected with Microsoft’s update MS15-099. The vulnerability affects Microsoft Office versions 2007 SP3, 2010 SP2, 2013 SP1 and 2013 RT SP1.


A bank in the Philippines was also targeted by attackers, whose malware shares code with tools used by the Lazarus group.

Security researchers have tied the recent spate of digital breaches on Asian banks to North Korea, in what they say appears to be the first known case of a nation using digital attacks for financial gain.
