Sennheiser Headset Software Could Allow Man-in-the-Middle SSL Attacks

Sennheiser Headset Software Could Allow Man-in-the-Middle SSL Attacks

Buyers of certain Sennheiser headset products may have inadvertantly installed a root certificate giving access to malicious actors ...
Cryptojacking Attack Targets Make-A-Wish Foundation

Cryptojacking Attack Targets Make-A-Wish Foundation

The Drupalgeddon 2 attack takes advantage of Drupal installations that have not patched CVE-2018-7600 and CVE-2018-7602, two vulnerabilities that have already been targeted this year ...
New Botnet Targets Unpatched Router Vulnerability, Because Of Course

New Botnet Targets Unpatched Router Vulnerability, Because Of Course

Attackers thrive on old, unpatched vulnerabilities. They are not going to burn a zero-day exploit unless they absolutely have to and will look for known holes in devices and network configurations to ...
Hey Criminals! Don't Trust Your Shady Encryption Providers

Hey Criminals! Don’t Trust Your Shady Encryption Providers

| | hacks, news reaction
Given the technical bugs in IronChat's application, it already throws red flags as an insecure tool for use by a clandestine organization ...
It's Hard to Find Android Malware in the Google Play Store

It’s Hard to Find Android Malware in the Google Play Store

The rate of malware actually on people’s devices does not match Android’s reputation for being a hellpit of malicious apps and activity ...
Ecommerce "Formjacking" is Attackers New Kind of Card Skimming

Ecommerce “Formjacking” is Attackers New Kind of Card Skimming

"Every additional domain reference or third-party package is a risk multiplier. These days there isn’t a good way for most people to quantify the risk posed by any particular page." ...
Persistence of SamSam Ransomeware Attacks Highlight Basic Security Flaws

Persistence of SamSam Ransomeware Attacks Highlight Basic Security Flaws

SamSam attackers know what they are doing. This is not some fly-by-night operation of opportunity. SamSam and other ransomware attacks expose basic failings in security ...
China Turns to Insiders in Latest Move to Win Economic Cyber War

China Turns to Insiders in Latest Move to Win Economic Cyber War

| | hacks, news reaction
The hackers used a range of techniques, including spear phishing, sowing multiple different strains of malware into company computer systems ...
Malicious Python Packages Provide a Backdoor to the Careless Coder

Malicious Python Packages Provide a Backdoor to the Careless Coder

The code was designed to collect data from the infected system, obtain boot persistence or, “even open a reverse shell on remote workstations ...
Nation State Hackers "GreyEnergy" Target Ukraine's Power Grid

Nation State Hackers “GreyEnergy” Target Ukraine’s Power Grid

| | hacks, news reaction
It appears that after the press that BlackEnergy received, the attack group rewrote some of their custom attack tooling and systems ...
Loading...