We introduce Stadeo – a set of scripts that can help fellow threat researchers and reverse engineers to deobfuscate the code of Stantinko and other malware. Stadeo is a set of tools primarily developed to facilitate analysis of Stantinko, which is a botnet performing click fraud, ad injection, social network fraud, password stealing attacks and cryptomining. Stadeo was demonstrated for the first time at Black Hat USA...
Read More
The going prices are lower than you probably think – your credit card details, for example, can sell for a few bucks. It’s no news that the dark web is rife with offers of stolen data that ranges from pilfered credit card information and hijacked payment services accounts to hacked social media accounts. Anyone interested can also hire a ne’er-do-well to launch a distributed denial of...
Read More
Like the universe, the attack surface is always expanding. Here's how to keep up and even get ahead. Most criminal activity is designed to elicit a payoff for the perpetrator, and crime on the Internet is no different. As new surfaces emerge, previous attacks are reconstituted and applied. Cybersecurity tends to follow a cycle, once you know when and what to look for. To (poorly) paraphrase...
Read More
Popular video conferencing app Zoom recently fixed a new security flaw that could have allowed potential attackers to crack the numeric passcode used to secure private meetings on the platform and snoop on participants. Zoom meetings are by default protected by a six-digit numeric password, but according to Tom Anthony, VP Product at SearchPilot who identified the issue, the lack of rate limiting enabled "an attacker...
Read More
A high percentage of discovered bugs remain unremediated for a long time, a new study shows. Chances are high that almost every single application an organisation uses has at least one security vulnerability in it. Contrast Security recently analysed telemetry gathered between June 2019 and May 2020 from applications in development, testing, and operations at customer locations. The exercise found 96% of applications contained at least one...
Read More
Cybersecurity researchers on Thursday revealed security issues in the Android app developed by Chinese drone-maker Da Jiang Innovations (DJI) that comes with an auto-update mechanism that bypasses Google Play Store and could be used to install malicious applications and transmit sensitive personal information to DJI's servers. The twin reports, courtesy of cybersecurity firms Synacktiv and GRIMM, found that DJI's Go 4 Android app not only asks...
Read More
ESET research uncovers a malicious operation that both spies on victims and leaks their data We discovered a new operation within a long-running cyber-espionage campaign in the Middle East. Targeting Android users via the malicious Welcome Chat app, the operation appears to have links to the malware named BadPatch, which MITRE links to the Gaza Hackers threat actor group known also as Molerats. Our analysis shows that...
Read More
If your company allows employees to bring their own computing devices to the workplace – whether they are smartphones, tablets, or laptops – you need a BYOD security policy. Initially, employees used only company-issued devices in the workplace. Today, smartphones and tablets have proliferated in the consumer market to the point that nearly every employee comes to work with their own internet-connected device. This means...
Read More
A zero-day vulnerability has been discovered in Zoom video conferencing software for Windows that could allow an attacker to execute arbitrary code on a victim's computer running Microsoft Windows 7 or older. By the way, if someone is still using Windows 7, they deserve to get hacked, including many organisations without extended support, because it's only a matter of time before they'll be a victim of...
Read More
A study paints a dim picture of router security, as none of the 127 devices tested was free of severe vulnerabilities. A recent study of more than 100 consumer-grade routers from seven, mostly large vendors has found that nearly all tested routers are affected by scores of unpatched and often severe security flaws that leave the devices – and their users – at risk of cyberattacks. “[T]here...
Read More