Researchers from SEC consult analyzed more than 4000 firmware’s embedded devices, where is included devices belonging to 70 vendors. The findings are astonishing! Researchers from SEC consult analyzed more than 4000 firmware’s embedded devices, where is included devices belonging to 70 vendors. The categories of devices analyzed include Internet gateways, routers, modems, IP cameras, VoIP […]
A new security audit the TrueCrypt software confirmed that even if it is plagued by some vulnerabilities, the application is effective when it comes to protecting data. TrueCrypt, secure or insecure … that is the question. A group of Ten auditors from the Fraunhofer Institute for Secure Information Technology has conducted a six-month audit of TrueCrypt […]
Evaluation of DHS Information Security Program for Fiscal Year 2015 revealed the existence of dozens of top-secret unpatched databases. The story I’m about to tell you is staggering, the US Department of Homeland Security is running dozens of unpatched and vulnerable databases, a number of them contained information rated as “secret” and even “top secret.” The discovery emerged […]
A research published by CyberArk Labs focuses on targeted attacks against organizational networks, analyzing hackers’ methods, tools and techniques. Bad news for network administrators, according to the security company CyberArk, 88 percent of networks are susceptible to privileged account hacks. The report published by CyberArk entitled “Analyzing Real-World Exposure to Windows Credential Theft Attacks” reveals that corporate […]
Experts from Check Point firm published a new report on the Rocket Kitten APT that include more insight into the activities of the group. Do you remember the Rocket Kitten ATP? The Rocket Kitten group has been suspected to be active since 2011 and have been increasing their activity since 2014. The main targets are based in the Middle […]
Security Experts at InfoArmor discovered GovRAT, a malware-signing-as-a-service platform that is offered to APT groups in the underground. In the past, I have explained why digital certificates are so attractive for crooks and intelligence agencies, one of the most interesting uses is the signature of malware code in order to fool antivirus. Naturally, digital certificates […]
The ISACA study “2015 Advanced Persistent Threat Awareness-Third Annual” tries to uncover information security professionalsâ understanding of APT threats. A new report published by the ISACA organization that surveyed more than 660 cyber security professionals reveals that more than one in four organizations (28%) have already suffered an APT attack. According to the experts, the BYOD is increasing […]
Experts at Netcraft discovered that nearly a million SSL SHA-1 certificates were signed with the potentially vulnerable SHA-1 hashing algorithm. Businesses Using Millions of Flawed Certificates, the news is shocking and refers the adoption of SHA-1 certificates, despite the algorithm is considered no more secure. Many big businesses, including firms like Deloitte, are still using SHA-1 certificates, […]
A new research conducted by Citizen Lab revealed that the number of governments using the FinFisher surveillance software has increased. Researchers at Citizen Lab have been monitoring the use of surveillance tools like FinFisher over the past years reporting its use by totalitarian governments. The researchers tracked the physical locations of servers belonging to the control infrastructure used […]
Researchers probed 20,400 Android devices and found 87.7 per cent contained at least one exploitable vulnerability due to a slow patch management. New Android vulnerabilities are discovered every day, but it looks like that, some Android vendors are very slow in applying the necessary patch to fix the security issues. Some Android vendors are only […]