Microsoft has spotted a new hacking campaign targeting 2018 midterm elections, the experts attributed the attacks to Russia-linked APT28 group. Microsoft has spotted a new hacking campaign targeting 2018 midterm elections. The tech giant attributed to Russia-linked APT28 a series of cyber attacks aimed at Members of United States’ Senate, conservative organizations and think tanks. […]
Cybersecurity firm NCC Group has released an open source tool for penetration testers that allows carrying out DNS rebinding attacks. Security firm NCC Group has released an open source tool for penetration testing dubbed Singularity of Origin that allows carrying out DNS rebinding attacks. Singularity also aims to raise awareness on how DNS rebinding attacks work and […]
Anonymous targeted many governments websites in Spain to protest against the Government’s efforts to block Catalonia ‘s separatist wave. Members of the notorious Anonymous collective claimed responsibility for bringing down several government websites in Spain on Monday to protest against the decision of the government to block Catalonia’s separatist drive. Anonymous brought down the websites of the […]
Major Internet service providers (ISPs) in Canada were impacted by a local file disclosure flaw in the SOLEO IP Relay service that was recently addressed. Almost all major Internet service providers (ISPs) in Canada were impacted by a local file disclosure vulnerability in the SOLEO IP Relay service that was recently addressed. Telecommunications relay services (TRSs) developed by Soleo […]
A glitch in the live streaming platform Twitch may have exposed some of its users’ private messages to other users. The company is notifying affected users. The live streaming platform Twitch warning users that a glitch may have exposed some of their private messages to other users. The company sent out the notifications to some broadcasters informing them that […]
The popular malware researchers Marco Ramilli has analyzed a malware that remained under the radar for more than two years. Today I’d like to share the following reverse engineering path since it ended up to be more complex respect what I thought. The full path took me about hours work and the sample covers many […]
Researchers from Trustwave have uncovered a malspam campaign targeting banks with the FlawedAmmyy RAT. The peculiarity of this malspam campaign is the unusual use of a Microsoft Office Publisher file to infect victimsâ systems. Experts noticed an anomalous spike in the number of emails with a Microsoft Office Publisher file (a .pub attachment) and the subject line, âPayment Advice,â that was sent to domains belonging […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·     DNS Hijacking targets Brazilian financial institutions ·     […]
The North Korea-linked Dark Hotel APT group is leveraging the recently patched CVE-2018-8373 vulnerability in the VBScript engine in attacks in the wild. The vulnerability affects Internet Explorer 9, 10 and 11, it was first disclosed last month by Trend Micro and affected all supported versions of Windows. The flaw could be exploited by remote attackers […]
Security experts have observed increasing cyber espionage activity related to Chinaâs Belt and Road Initiative (BRI). The alarm was launched by the experts from cybersecurity firms FireEye and Recorded Future. Chinaâs Belt and Road Initiative (BRI) is a development project for the building of an infrastructure connecting countries in Southeast Asia, Central Asia, the Middle East, Europe, […]