
Every week in Tokyo’s Ichigaya district, about three miles northeast of the bright neon lights and swarming crowds in the heart of Shibuya, a driver quietly parks a black sedan-style car outside a gray office building.


The OilRig group maintains its persistent attacks against government entities in the Middle East region using previously identified tools and tactics. As observed in previous attack campaigns, the tools used are not exact duplicates of those in the previous attack but are instead iterative variants.


Unit 42 researchers have been tracking Subaat, an attacker, since 2017. Recently Subaat drew our attention due to renewed targeted attack activity. Part of monitoring Subaat included realizing the actor was possibly part of a larger crew of individuals responsible for carrying out targeted attacks against worldwide governmental organizations.


High-end vehicles are often equipped with a Passive Keyless Entry and Start (PKES) system. These PKES systems allow the vehicle to be unlocked and started based on the physical proximity of a paired key fob; no user interaction is required.


Demonstrating a potential privacy breach, a team of Princeton University engineers has developed an app that can locate and track people through their smartphones even when access to the Global Positioning System, or GPS, data on their devices is turned off.

Samsung’s DeX Station dock lets you connect select Samsung phones to a monitor, mouse, and keyboard and use the phone as if it were a desktop PC.

The Raspberry Pi line of computers can run a wide range of software including a variety of GNU/Linux distributions and Google Android. But while Microsoft’s Windows 10 IoT Core can also run on a Raspberry Pi, there’s officially no way to run a full-fledged desktop version of Windows on the tiny, low-power computer.

On Jan. 31, KISA (KrCERT) published an advisory about an Adobe Flash zero-day vulnerability (CVE-2018-4878) being exploited in the wild. On Feb. 1, Adobe issued an advisory confirming the vulnerability exists in Adobe Flash Player 28.0.0.137 and earlier versions, and that successful exploitation could potentially allow an attacker to take control of the affected system.


Mandiant recently responded to an incident at a critical infrastructure organization where an attacker deployed malware designed to manipulate industrial safety systems. The targeted systems provided emergency shutdown capability for industrial processes. We assess with moderate confidence that the attacker was developing the capability to cause physical damage and inadvertently shut down operations.

This Security Alert addresses CVE-2017-10151, a vulnerability affecting Oracle Identity Manager. This vulnerability has a CVSS v3 base score of 10.0, and can result in complete compromise of Oracle Identity Manager via an unauthenticated network attack. The Patch Availability Document referenced below provides a full workaround for this vulnerability, and will be updated when patches in addition to the workaround are available.