Newsroom

A hand-picked curation of industry news and information, to keep you well informed on all things cyber security

Facebook has patched a bug in its widely installed Messenger app for Android that could have allowed a remote attacker to call unsuspecting targets and listen to them before even they picked up the audio call. The flaw was discovered and reported to Facebook by Natalie Silvanovich of Google's Project Zero bug-hunting team last month on October 6 with a 90-day deadline, and impacts version 284.0.0.16.119...

Read More

A team of academic researchers—who previously made the headlines earlier this year for uncovering severe security issues in the 4G LTE and 5G networks—today presented a new attack called 'ReVoLTE,' that could let remote attackers break the encryption used by VoLTE voice calls and spy on targeted phone calls. The attack doesn't exploit any flaw in the Voice over LTE (VoLTE) protocol; instead, it leverages weak implementation...

Read More

We introduce Stadeo – a set of scripts that can help fellow threat researchers and reverse engineers to deobfuscate the code of Stantinko and other malware. Stadeo is a set of tools primarily developed to facilitate analysis of Stantinko, which is a botnet performing click fraud, ad injection, social network fraud, password stealing attacks and cryptomining. Stadeo was demonstrated for the first time at Black Hat USA...

Read More

The going prices are lower than you probably think – your credit card details, for example, can sell for a few bucks. It’s no news that the dark web is rife with offers of stolen data that ranges from pilfered credit card information and hijacked payment services accounts to hacked social media accounts. Anyone interested can also hire a ne’er-do-well to launch a distributed denial of...

Read More

Like the universe, the attack surface is always expanding. Here's how to keep up and even get ahead. Most criminal activity is designed to elicit a payoff for the perpetrator, and crime on the Internet is no different. As new surfaces emerge, previous attacks are reconstituted and applied. Cybersecurity tends to follow a cycle, once you know when and what to look for. To (poorly) paraphrase...

Read More

Popular video conferencing app Zoom recently fixed a new security flaw that could have allowed potential attackers to crack the numeric passcode used to secure private meetings on the platform and snoop on participants. Zoom meetings are by default protected by a six-digit numeric password, but according to Tom Anthony, VP Product at SearchPilot who identified the issue, the lack of rate limiting enabled "an attacker...

Read More
Cybersecurity Assessment Special Offer