Visa, MasterCard, and Symantec among dozens affected by “suspicious” BGP mishap.

PHOTO: Dina Mitchell shows a picture of her Fitbit after it allegedly caught fire.

A Wisconsin woman said she suffered second-degree burns on her arm after her Fitbit tracker exploded. Dina Mitchell said she had owned her Fitbit Flex 2 for about two weeks when the fitness tracking device allegedly caught fire on her arm while she was reading a book on Tuesday night.

People often assume that if you’re running OSX, you’re relatively safe from malware. But this is becoming less and less true, as evidenced by a new strain of malware encountered by the Check Point malware research team. This new malware, dubbed OSX/Dok, affects all versions of OSX, has 0 detections on VirusTotal (as of the writing of these words), is signed with a valid developer certificate (authenticated by Apple), and is the first major-scale malware to target OSX users via a coordinated email phishing campaign.

Successful exploitation of this vulnerability may allow a remote attacker to obtain weakly encrypted user passwords, which could be used to gain unauthorized access to affected products.

Electricity is of paramount importance in our everyday lives. Our dependence on it is particularly evident during even brief power outages. You can think of power systems as the backbone of critical infrastructures. To date, cyber-attacks against power systems are considered to be extremely sophisticated and only within the reach of nation-states. However, through this presentation we will challenge this perception, and provide a structured methodology towards attacking a power system on a limited budget.

NASA’s Cassini probe is doomed. The nuclear-powered robot — part of a $3.26 billion, three-decade-long effort — has orbited Saturn for nearly 13 years. But it’s running dangerously low on fuel.

Talos is disclosing TALOS-2017-0310 / CVE-2017-2813, an arbitrary code execution vulnerability in the JP2 plugin for the IrfanView image viewer. IrfanView is a widely used, Windows-based image viewing and editing application.

Zabbix is an enterprise monitoring solution that is designed to give organizations the ability to monitor the health and status of various systems within their networks, including: network services, servers, and networking equipment. Cisco recently discovered multiple vulnerabilities in the Zabbix Server software component that could be leveraged by attackers to write directly to the Zabbix Proxy database or achieve remote code execution on the Zabbix Server.

Use of DNS Tunneling for C&C Communications

Network communication is a key function for any malicious program. Yes, there are exceptions, such as cryptors and ransomware Trojans that can do their job just fine without using the Internet. However, they also require their victims to establish contact with the threat actor so they can send the ransom and recover their encrypted data.

APT Threat Evolution in Q1 2017

An Expert Take on Targeted Attack Operations
