Researchers uncovered a new cyber espionage campaign involving the Kasperagent spyware delivered with Palestine-Themed decoy files. In March, experts at security firm Qihoo 360 have spotted a cyber espionage campaign conducted by a threat actor tracked as APT-C-23 and Two-Tailed Scorpion. A few weeks later, in April, researchers at Palo Alto Networks and ClearSky also shared the […]
The Dutch developer Luke Paris has created a PHP rootkit that hides in PHP server modules, he also explained why it is more dangerous of classic rootkits. The Dutch developer Luke Paris has created a rootkit that hides in PHP server modules that could be used by attackers to take over web servers. While classic […]
The British hacker Sean Caffrey, 25, from Sutton Coldfield pleaded guilty to stealing satellite data from US Department of Defense (DoD). The British hacker Sean Caffrey, 25, from Sutton Coldfield pleaded guilty to stealing user accounts from a U.S. military communications system. According to the NCA, the man admitted in the Birmingham Crown Court to stealing […]
The Nmap project announced the release of Nmap 7.50, the first big release since last December that has hundreds of improvements. Nmap 7.50 is the new release of the popular the Network Mapper, the previous release dates back December 2016 and the new one brings hundreds of improvements. Nmap 7.50 includes the Npcap packet capturing driver […]
The number of fileless malware continues to increase, recently security researchers spotted a new Fileless Ransomware dubbed Sorebrect. Sorebrect is able to inject malicious code into a legitimate system process (svchost.exe) on a targeted system and it terminates its binary to evade detection. It also make hard forensics analysis by deleting the affected systemâs event logs using […]
A study conducted by the security firm Rapid7 revealed that millions of devices remain exposed to cyber attacks via SMB, Telnet, RDP, and other types of improper configurations. Rapid7 published the second report National Exposure Index that provides Internet service providers (ISPs) worldwide information about the global exposure of devices. The researchers scanned the Internet for improperly configured services, […]
Researchers at the security firm Yoroi have discovered a False Flag Attack on Multi-Stage Delivery of Malware to Italian Organisations. Everything started from a well edited Italian language email (given to me from a colleague of mine, thank you Luca!) reaching out many Italian companies. The Italian language email had a weird attachment: ordine_065.js (it […]
Microsoft released the June 2017 Patch Tuesday to address more than 90 security flaws, including two critical RCE that have been exploited in attacks. Microsoft released June Patch Tuesday updates that address more than 90 vulnerabilities, including two critical remote code execution (RCE) vulnerabilities that have been exploited in attacks. The first vulnerability, tracked as CVE-2017-8464, […]
On Tuesday, Adobe released updates for Flash Player, Shockwave Player, Captivate and Digital Editions addressing a total of 20 vulnerabilities. Some vulnerabilities fixed by Adobe are critical remote code execution issue, the last release, version 26.0.0.126, addressed nine flaws in Flash Player. The vulnerabilities were tracked as CVE-2017-3075, CVE-2017-3081, CVE-2017-3083, CVE-2017-3084, CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, and CVE-2017-3082. […]
Researcher Luca Bongiorni has detailed the procedure to weaponize a new mouse with WHID Injector to show you how to create malicious HID devices. Hello there! Finally, I had some spare time to Weaponize a new Mouse, in order to show you how easy is possible to create malicious HID devices. Materials Needed: WHID Injector […]