Yearly Archives: 2017
Russian Fancy Bear APT Group improves its weapons in ongoing campaigns
Fancy Bear APT group refactored its backdoor and improved encryption to make it stealthier and harder to stop. The operations conducted by Russian Fancy Bear APT group (aka Sednit, APT28, and Sofacy, Pawn […]
Mozilla patches five issues in Thunderbird, including a critical flaw
Mozilla issued a critical security update to address five flaws in the popular open-source Thunderbird email client. The latest release, Thunderbird 52.5.2 version, fixes the vulnerabilities, including two issues rated as […]
Financially motivated attacks reveal the interests of the Lazarus Group
Researchers at security firm Proofpoint collected evidence of the significant interest of the Lazarus APT group in cryptocurrencies, the group’s arsenal of tools, implants, and exploits is extensive and under constant development. […]
Cyber Defense eMagazine Subscription
Every month we deliver CDM eMagazine with 80-110 pages packed with cyber security best practices, tips and ideas. It’s always free. There are no strings attached. We never sell your […]
#Backdoor in #Captcha #Plugin poses serious risks to 300K #WordPress sites
Experts discovered that the popular WordPress Captcha plugin installed on over 300,000 sites was recently updated to deliver a hidden backdoor. Security experts at WordFence have discovered that the popular WordPress Captcha […]
Loapi Android malware can destroy your battery mining Monero
Experts from Kaspersky have spotted an Android malware dubbed Loapi that includes a so aggressive mining component that it can destroy your battery. Researchers from security firm Kaspersky Lab have spotted a new […]
RSA Conference 2018
Hey, infosec professional, think fast. After all, your industry isn’t slowing down anytime soon. New threats, emerging innovations—it’s all coming your way. The big question is, are you ready? For […]
OCC.GOV WILL REGULATE BITCOINS BY 2020 OR SOONER #BigIdeas2018
#BigIdeas2018 As a Top 1% of LinkedIn Cyber Security Expert, the folks at LinkedIn asked me to write a predictive article about 2018. So, I’m sharing my thoughts on why […]
North Korea Bitten by Bitcoin Bug
RiskIQ collaborated with Proofpoint Cyber Security on research for a report published todayinvestigating the activities of North Korea’s Lazarus Group, which highlights the group’s recent focus on cryptocurrency investors and exchanges. Earlier […]
U.S. blames North Korea for the massive WannaCry ransomware attack
It’s official, according to Tom Bossert, homeland security adviser, the US Government attributes the massive ransomware attack Wannacry to North Korea. It’s official, the US Government attributes the massive attack […]
Zealot Campaign leverages NSA exploits to deliver Monero miners of both Windows and Linux servers
Security researchers spotted a sophisticated malware campaign, tracked as Zealot campaign targeting Linux and Windows servers to install Monero miners. Security researchers from F5 Networks spotted a sophisticated malware campaign, tracked as Zealot campaign […]
Enhance Cyber Threat Hunting Through Optical Network Analysis
Cyber Intelligence Officials Need Data Mining Capabilities to Track Malicious Activity on Global Transport Networks Requires by Mike Seidler, Product Marketing Manager, NetQuest Corp. Global optical transport networks have a […]
19 Million California Voter records held for ransom attack on a MongoDB instance
Voter registration data for more than 19 million California residents stored in an unsecured MongoDB instance has been deleted and held for ransom. Voter registration data for more than 19 […]
Creepy Cortana – Is She Spying on You?
You might wonder why Microsoft gave away billions of dollars worth of Windows 10. In fact, up until Windows 8, they sold the operating system to generate significant revenues for […]
Trump signed a bill prohibiting the use of Kaspersky Lab product and services
The US President Donald Trump signed a bill that bans the use of Kaspersky Lab products and services in federal agencies. Section 1634 of the bill prohibits the use of security […]
The OceanLotus MacOS Backdoor Transforms into HiddenLotus with a Slick UNICODE Trick
Experts at Malwarebytes warns of a new variant of the macOS OceanLotus backdoor is using an innovative technique to avoid detection, A few years ago the bad actors realized they […]
Roll Back of Net Neutrality is a Watershed Moment
Fake News Killed Net Neutrality, Will Telecom Kill the News? If you think the end of net neutrality is the bad news today, you’re in for some more. Remember that […]
A Year in Review: Ransomware
Top ransomware records for November 2017 There was a lot more ransomware activity in November compared to the previous month. The infamous ACCDFISA Trojan literally rose from the ashes after […]
Vietnamese hacker stole security details and building plans from an Australian airport
Hackers compromised computer systems at an Australian Airport and stole sensitive security details and building plans. The man was identified and arrested. Hackers compromised computer systems at the Australian Perth Airport and stole sensitive […]
‘Tis the season to prepare your e-commerce business to effectively fight fraud
With the holiday shopping season fast approaching, e-commerce companies are once again planning for and preparing to profit from the increasing numbers of shoppers who purchase their gifts online. While […]
HBO hacker linked to the Iranian Charming Kitten APT group
A new report published by ClearSky linked a man accused by U.S. authorities of hacking into the systems of HBO to the Iranian cyber espionage group Charming Kitten. Experts from the security […]
TeamViewer fixes a flaw that allows users sharing a desktop session to gain control of the other’s PC
TeamViewer released a patch to fix a vulnerability that allows users sharing a desktop session to gain control of the other’s computer without permission. Remote support software company TeamViewer released […]
RSA Authentication SDK affected by two critical vulnerabilities, patch it now!
Two different critical vulnerabilities were found in the RSA Authentication SDK (software development kit), patch them asap. The first bug, tracked as CVE-2017-14377, is authentication bypass that affects the RSA Authentication Agent for Web […]
PayPal-owned company TIO Networks data breach affects 1.6 million customers
PayPal confirmed that one of the companies it owns, TIO Networks, suffered a security breach, that affected 1.6 million customers. PayPal confirmed that one of the companies it owns, TIO […]
VPN: Do You Really Need It? This Will Help You Decide!
Privacy is an aspect that is increasingly valued when it comes to surfing the Internet, but is increasingly difficult to achieve. User data is too valuable for companies and is […]
PGP, OpenPGP, and GPG: What They Are and When to Use Them
If you’ve worked in technology or cybersecurity for any amount of time, you’ve probably heard of Pretty Good Privacy, or PGP. PGP is an encryption method used to secure data […]
Kazakhstan-born Canadian citizen pleads guilty to 2014 Yahoo hack, he admits helping Russian Intelligence
The Kazakhstan-born Canadian citizen Karim Baratov (22) has pleaded guilty to massive 2014 Yahoo hack that affected three billion accounts. The Kazakhstan-born Canadian citizen Karim Baratov (22) (Kay, a.k.a Karim Taloverov, a.k.a Karim Akehmet Tokbergenov), has […]
U.S. Indicts Chinese hackers for cyber espionage on Siemens and Moody’s
US authorities have filed official charges against three Chinese hackers part of the elite cyber-espionage unit APT3. US authorities charged three China-based hackers for stealing sensitive information from US based companies, including Siemens […]
A new Mirai variant is rapidly spreading, around 100,000 IPs running the scans in the past 60 hours
A new Mirai variant is rapidly spreading, experts observed around 100K IPs running the scans in the past 60 hours searching for flawed ZyXEL PK5001Z routers. According to Li Fengpei, […]
Imgur was hacked in 2014, 1.7 million user accounts were compromised
Imgur, the popular image sharing service, confirms email addresses and passwords were stolen in a security breach occurred in 2014. Are you an Imgur user? News of the day it that […]