Device Security

http://www.dahlstroms.com
Device Security

Apple Fixes Broadpwn Bug in iOS 10.3.3

In the latest version of iOS Apple has patched dozens of serious security flaws, including the Broadpwn vulnerability in some Broadcom WiFi chips, and a number of remote code execution bugs in various components of the OS. Not many details of the Broadpwn vulnerability are public yet, but it’s considered […]

GhostCtrl Android Malware Hijacks Audio, Roots Devices
Device Security, Hacking

GhostCtrl Android Malware Hijacks Audio, Roots Devices

A recently discovered piece of Android malware called GhostCtrl apparently evolved from the well-known OmniRAT tool for desktop platforms and has the ability to steal or delete a wide variety of user and device data. GhostCtrl has an interesting pedigree and history. The backdoor is connected to a data-stealing worm known […]

Tens of Thousands of Machines Still Open to EternalBlue Bug
Device Security, Hacking

Tens of Thousands of Machines Still Open to EternalBlue Bug

Weeks after the WannaCry and NotPetya ransomware campaigns emerged and months after Microsoft released a patch for the vulnerability the two pieces of malware used to spread, more than 60,000 machines are still vulnerable to the bug. The vulnerability, which lies in Microsoft’s implementation of the SMB protocol, has been […]

Android Ransomware Threatens to Leak Victim Data
Device Security, Hacking

Android Ransomware Threatens to Leak Victim Data

The attacker community is continuing to expand the variety of ransomware strains it creates, including a recent variant that doesn’t encrypt victims’ files but instead threatens to send personal data and photos to their contacts. Researchers at McAfee discovered this ransomware variant buried within a couple of apps in the […]

Google Patches Broadpwn Flaw in July Android Update
Device Security

Google Patches Broadpwn Flaw in July Android Update

Google has released its monthly set of Android patches for July, a release that includes fixes for many, many remote-code execution vulnerabilities, the highlight of which is a serious bug in some Broadcom chipsets that affects a lot of Android devices, as well as some iPhones. That vulnerability, which is known […]

Ukrainian Police Seize Servers in NotPetya Investigation
Device Security, Hacking

Ukrainian Police Seize Servers in NotPetya Investigation

UPDATE–Police in Ukraine have confiscated several servers from the software company that develops the M.E. Doc accounting software that is believed to have been an unwitting part of the distribution process for the NotPetya ransomware. Soon after the emergence of NotPetya last week, security researchers from several organizations zeroed in on […]

NATO: NotPetya Likely the Work of State Attackers
Device Security, Hacking

NATO: NotPetya Likely the Work of State Attackers

The NotPetya ransomware that hit thousands of computers last week likely was created and launched by state-sponsored attackers, according to a new analysis by security experts at NATO. Based on the complexity and estimated cost of the operation, analysts at NATO’s Cooperative Cyber Defense Center of Excellence concluded that NotPetya […]

New Windows 10 Feature Aims to Halt Ransomware
Device Security

New Windows 10 Feature Aims to Halt Ransomware

Microsoft is aiming to change the success rate of ransomware with a new security feature in Windows 10 that will define a set of folders that can only be accessed by approved apps. The feature is included in the latest interim build of Windows 10 and it comes at a time […]

Petya-Derived Ransomware Is Acting Like Shamoon
Device Security, Hacking

Petya-Derived Ransomware Is Acting Like Shamoon

UPDATE–Security researchers are continuing to delve into the details of the latest ransomware outbreak, and have found that the ExPetr ransomware has a number of interesting characteristics that separate it from other variants and raise questions about its purpose. The ExPetr or NotPetya ransomware shares some code and behavior with the […]