Author Archives: Michael Mimoso

StrongPity APT Covets Secrets of Crypto Users

Posted on October 10, 2016 by Michael Mimoso

Kaspersky Lab researchers have uncovered the StrongPity APT, a group that uses watering hole attacks to infect machines of users seeking encryption technologies such as WinRAR and TrueCrypt. Continue reading StrongPity APT Covets Secrets of Crypto Users→

The Ethics and Morality Behind APT Reports

Posted on October 7, 2016 by Michael Mimoso

Investigating state-sponsored espionage and counterterrorism is one thing. Writing public reports about these activities is another. Continue reading The Ethics and Morality Behind APT Reports→

Free Tool Protects Mac Users from Webcam Surveillance

Posted on October 7, 2016 by Michael Mimoso

Mac security researcher Patrick Wardle released a tool called OverSight that monitors when malware may be recording a webcam or audio session on a macOS machine. Continue reading Free Tool Protects Mac Users from Webcam Surveillance→

Mobile App Collusion Can Bypass Native Android Security

Posted on October 6, 2016 by Michael Mimoso

At Virus Bulletin, researchers explain how Android mobile applications can collude to share data and synchronize payload execution. Continue reading Mobile App Collusion Can Bypass Native Android Security→

Abandoned Mobile C&C Servers Present Opportunity to Attackers

Posted on October 6, 2016 by Michael Mimoso

At Virus Bulletin, researchers explained the risks associated with abandoned SDK master servers that present attackers with an opportunity to assume control of these communication channels. Continue reading Abandoned Mobile C&C Servers Present Opportunity to Attackers→

IoT Botnets Are The New Normal of DDoS Attacks

Posted on October 5, 2016 by Michael Mimoso

DVR’s, IP-enabled cameras, home cable equipment and many other IOT connected devices are that latest in potent DDoS tools available to attackers. Continue reading IoT Botnets Are The New Normal of DDoS Attacks→

Source Code Released for Mirai DDoS Malware

Posted on October 3, 2016 by Michael Mimoso

An attacker known as Anna-senpai released source code for the Mirai malware, which was used in a 620 Gbps DDoS attack against Krebs on Security. Continue reading Source Code Released for Mirai DDoS Malware→

Mozilla Reduces Threat of Export-Grade Crypto to Firefox

Posted on October 3, 2016 by Michael Mimoso

The Firefox browser will now deny TLS connections to servers using weak Diffie-Hellman keys. Continue reading Mozilla Reduces Threat of Export-Grade Crypto to Firefox→

Academics Put Another Dent in Online Anonymity

Posted on September 30, 2016 by Michael Mimoso

Academics from Stanford and Princeton release an online tool called Footprints that correlates browsing history with Twitter feeds to reveal a users identity. Continue reading Academics Put Another Dent in Online Anonymity→

Zerodium Triples its iOS 10 Bounty to $1.5 Million

Posted on September 29, 2016 by Michael Mimoso

Zerodium tripled the bounty it offers for an Apple iOS 10 remote jailbreak, boosting the reward to $1.5 million. Continue reading Zerodium Triples its iOS 10 Bounty to $1.5 Million→