Archive for March, 2019

On March 25, Kim Zetter published an astonishing story describing a supply-chain attack against ASUS which was run between June and November 2018. The ASUS Live Update software was backdoored in order to attack a very specific group of targets. The campaign, named ShadowHammer, was discovered and investigated by Kaspersky Lab, which will present the full details during SAS2019.

Reverse engineer and document the Operation ShadowHammer malware and its shellcode in-depth as it was originally discovered and reported by Kaspersky Lab.

And then there was ShadowHammer, the supply chain attack on the ASUS Live Update Utility between June and November 2018, which was discovered by Kaspersky earlier this year, and made public a few days ago.

During the last weeks, Yoroi’s monitoring operation intercepted some malicious emails that required further attention: they were sent to very few organizations and the content was specifically tailored for Italian-speaking targets. These messages warned the users about imminent summons against them, inviting them to read the attached lawsuit, a not so innocent looking file named “Avviso del tribunale.jar”.

Magento Commerce and Open Source 2.3.1, 2.2.8 and 2.1.17 contain multiple security enhancements that help close Remote Code Execution (RCE), Cross-Site Scripting (XSS) and other vulnerabilities.

Toyota Motor Corp. said Friday that data on roughly 3 million customers was stolen from its sales companies’ computer systems in Tokyo following a hacking attack.

After a security incident in February at its Australian subsidiary, Toyota Motor Corp. has suffered its second security breach in the last five weeks, with today’s breach announced by the company’s main offices in Japan.

For penetration testers looking for a stable and supported Linux testing platform, the industry agrees that Kali is the go-to platform. However, if you’d prefer to use Windows as an operating system, you may have noticed that a worthy platform didn’t exist. As security researchers, every one of us has probably spent hours customizing a Windows working environment at least once and we all use the same tools, utilities, and techniques during customer engagements.

The Internet Crime Complaint Center (IC3) has received multiple complaints from victims who were contacted via phone, text or other chat application by individuals speaking a Chinese dialect and claiming to be from the Chinese embassy or consulate. Other victims reported being contacted by individuals claiming to be from a shipping company stating there is a package waiting for the victim at the Chinese embassy. The phone calls are frequently spoofed in order to appear to be from a legitimate source.

Although heavily focused on the Middle East, Elfin (aka APT33) has also targeted a range of organizations in the U.S. including a number of major corporations.
