Archive for December, 2015


On December 18th, 2015 Juniper issued an advisory indicating that they had discovered unauthorized code in the ScreenOS software that powers their Netscreen firewalls. This advisory covered two distinct issues: a backdoor in the VPN implementation that allows a passive eavesdropper to decrypt traffic, and a second backdoor that allows an attacker to bypass authentication in the SSH and Telnet daemons.

Cybergangs set out to ruin Christmas with massive DDoS attacks against popular gaming networks.

After claiming responsibility for an attack against the Xbox Live service last week, the Phantom Squad hacking group threatened to shut down the Microsoft gaming service and the PlayStation Network (PSN) on Christmas Day, but whether or not the group has the ability to do so remains to be seen.

On Thursday, Juniper announced that some of their products were affected by “unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen® devices and to decrypt VPN connections”. That sounds like an attacker managed to subvert Juniper’s source code repository and insert a backdoor. Of course, any glimpses that we get of these sorts of attacks are fascinating.

Pirate Bay co-founder Peter Sunde served his prison sentence last year but still owes the entertainment industries millions in damages. Some might think that he’s learned his lesson, but with a newly built copying machine he’s generating millions of extra ‘damages,’ which might be worth a mention in the Guinness Book of Records.


In recent weeks, we have witnessed a very large uprise in TeslaCrypt infection attempts. TeslaCrypt is a relatively new ransomware, first reported in the beginning of 2015.


ENCRYPTION BACKDOORS HAVE been a hot topic in the last few years—and the controversial issue got even hotter after the terrorist attacks in Paris and San Bernardino, when it dominated media headlines. It even came up during this week’s Republican presidential candidate debate.

An operating system used to manage firewalls sold by Juniper Networks contains unauthorized code that surreptitiously decrypts traffic sent through virtual private networks, officials from the company warned Thursday.

Today, Rapid7 is disclosing several vulnerabilities affecting several Network Management System (NMS) products. These issues were discovered by Deral Heiland of Rapid7 and independent researcher Matthew Kienow, and reported to vendors and CERT for coordinated disclosure per Rapid7’s disclosure policy.


Over the past year, Talos has devoted a significant amount of time to better understanding how ransomware operates, its relation to other malware, and its economic impact. This research has proven valuable for Talos and led the development of better detection methods within the products we support along with the disruption of adversarial operations.


Payment cards without an EMV chip have reached their end-of-life. Point of Sale (PoS) malware, such as PoSeidon, has continued to threaten businesses. The news is continually filled with stories of payment card data being stolen through a breach in the company’s PoS system. From high-end hotels to large retail firms, threat actors are attacking PoS systems in the attempt to capture payment card data.