The development team at NetBSD is going to implement the KASLR (kernel Address Space Layout Randomisation) for 64-bit AMD processors. The KASLR coding technique allows randomizing the location of memory where the NetBSD kernel is loaded. The ASRL technique is widely adopted as a security measure to protect applications from the exploitation of vulnerabilities like buffer overflow because […]
The CSE CybSec Z-Lab Malware Lab spotted a new botnet, dubbed Wonder botnet, while it was investigating malicious code in the dark web. While investigating the malicious code in the dark web, ZLab experts discovered a “NetflixAccountGenerator.exe” that promises to generate a premium account for Netflix services for free. Unfortunately, the software downloaded does not […]
The US DHS and the FBI have issued a warning that APT groups are actively targeting energy firms and critical infrastructure. The US Department of Homeland Security (DHS) and the FBI have issued a warning that APT groups are actively targeting government departments, and firms working in the energy, nuclear, water, aviation, and critical manufacturing […]
The APT28 group is trying to exploit the CVE-2017-11292 Flash zero-day before users receive patches or update their systems. Security experts at Proofpoint collected evidence of several malware campaigns, powered by the Russian APT28 group, that rely on a Flash zero-day vulnerability that Adobe patched earlier this week. According to the experts who observed attacks on organizations […]
An NSA leaked document about the BADDECISION hacking tool raises the doubt about National Security Agency knew the Krack attack since 2010. Security experts are questioning the NSA about the recently disclosed Krack attack the allows an attacker to decrypt information included in protected WPA2 traffic. Security experts believe that the National Security Agency was aware of the […]
Canada’s Communications Security Establishment (CSE) intel agency has released the source code for one of its malware analysis tools dubbed Assemblyline. The Canada’s Communications Security Establishment (CSE) intelligence agency has released the source code for one of its malware detection and analysis tools dubbed Assemblyline. The Assemblyline tool is written in Python and was developed under the […]
Malware researchers at Check Point have uncovered a new massive IoT botnet that presented many similarities with the dreaded Mirai. The new thing bot emerged at the end of September and appears much more sophisticated, according to the experts the malware already infected more than one million organizations worldwide. The malicious code tries to exploit many known-vulnerabilities […]
Some kid smartwatches available for sale in Europe pose security and privacy risks, including potentially allowing hackers to take control over them. The European Consumer Organisation (BEUC) warns that most children’s GPS-tracking smartwatches represent a threat for them. Many devices are affected by security vulnerabilities that could be exploited by an attacker to take control over […]
Trend Micro recently observed a new campaign leveraging the Ursnif banking Trojan using new malicious macro tactics payload delivery and evade detection. Researchers at Trend Micro have recently spotted a new campaign leveraging the Ursnif banking Trojan featuring new malicious macro tactics for payload delivery. Malicious macros are widely adopted by crooks for malware distribution, usually, they […]
Google has launched Google Play Security Reward, the bug bounty program that will pay $1,000 rewards for flaws in popular apps. Google has officially launched a bug bounty program for Android apps on Google Play Store, a measure that aims to improve the security of Android apps. The initiative, called Google Play Security Reward, will involve the […]