[SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes

I published the following diary on isc.sans.edu: “A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes“: Yesterday, I analyzed a malicious archive for a customer. It was delivered to the mailbox of a user who, hopefully, was security-aware and reported it. The payload passed through the different security layers based on big

The post [SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes appeared first on /dev/random.


Security Researchers Awarded over $250,000 for Reporting 55 Vulnerabilities in Apple’s Bug Bounty Program

A comprehensive three-month analysis of Apple’s online services has netted a team of security researchers a $288,500 reward after reporting critical vulnerabilities as part of its bug bounty program. In total, the researchers disclosed 55 vulnerabiliti…

Kentucky-Based Fine Spirits Manufacturer Targeted by REvil Ransomware

Sodinokibi (REvil) ransomware operators have been busy over the past month, and have now claimed US fine spirits manufacturer Brown-Forman as their latest victim. The Kentucky-based company, one of the largest US businesses in the spirits and wine busi…

Ask Hackaday: Why Did GitHub Ship All Our Software Off To The Arctic?

If you’ve logged onto GitHub recently and you’re an active user, you might have noticed a new badge on your profile: “Arctic Code Vault Contributor”. Sounds pretty awesome right? But whose code got archived in this vault, how is it being stored, and what’s the point?


Go Phish: Cybercriminals Stick to Coronavirus and Financial Content to Fuel Phishing Schemes

We’ve reached the half-year mark and online scammers are still taking advantage of the uncertainties brought on by the pandemic. Cyber-attacks targeting both consumers and businesses surged worldwide, and the trend shows no sign of stopping any tim…

26 million LiveJournal users warned that their passwords have been breached

On underground criminal marketplaces the email addresses and plaintext passwords of over 26 million LiveJournal blogging accounts are being traded, despite LiveJournal’s owners refusing to acknowledge that any security breach has occurred. The fi…

Hacking the iOS/macOS webcam – Apple pays out $75,000 to bug hunter

A vulnerability researcher has received a bug bounty after discovering security holes in Apple’s software that could allow malicious parties to hijack an iPhone or Mac user’s camera and spy upon them. Bug hunter Ryan Pickren is richer to th…