Tag: hacking

Microsoft Patched Shadow Brokers Flaws Before Latest Disclosure
Hacking

Microsoft Patched Shadow Brokers Flaws Before Latest Disclosure

The latest release of exploits and vulnerabilities from the Shadow Brokers came as a surprise to many observers, but not to the security team at Microsoft. It turns out that the company already has patched most of the flaws in its products that were exposed in last week’s exploit dump. […]

CSRF Bug Haunts Magento E-Commerce Platform
Hacking

CSRF Bug Haunts Magento E-Commerce Platform

There is a serious vulnerability in a version of the Magento e-commerce platform that could allow a remote attacker to access¬†a target site’s database. The bug can be used for remote code execution, and the researchers who discovered it say they notified Magento of the vulnerability in November, but the […]

Government, Cybercrime Attackers Target Word Flaw
Hacking

Government, Cybercrime Attackers Target Word Flaw

At least two separate groups of attackers, with disparate motives, have been exploiting the Microsoft Word vulnerability disclosed several days ago. Researchers say that both government-backed attackers and cybercrime groups are targeting the flaw, installing high-level professional malware as well as banking malware. Microsoft on Tuesday released a patch for […]

Microsoft Word Flaw Used in Dridex Malware Campaign
Hacking

Microsoft Word Flaw Used in Dridex Malware Campaign

UPDATE–The zero-day vulnerability in Microsoft Word disclosed in the last few days is now being used as a vector for attackers to install the nasty Dridex banking Trojan. Researchers from a number of security companies have warned about the vulnerability, which Microsoft has yet to acknowledge publicly. The flaw allows […]

Digital StillCamera
Hacking

FBI Disrupts Notorious Kelihos Botnet

The Justice Department has disrupted the Kelihos botnet, one of the more prolific and long-running spam and malware networks, by sinkholing the botnet’s command-and-control servers after the arrest of a Russian man officials allege is Kelihos’s operator. The botnet has been operating since at least 2010 and has infected hundreds […]

On the Wire Podcast: Katie Moussouris
Hacking, Podcast

On the Wire Podcast: Katie Moussouris

Katie Moussouris has pretty much seen it all in her nearly two decades in the security industry as a pen tester, consultant, Microsoft employee, and many other roles. Now she’s putting that experience and knowledge to work helping governments and enterprises work out the problem of vulnerability disclosure and response […]

On the Wire Podcast: David Jacoby and Frans Rosen
Hacking

On the Wire Podcast: David Jacoby and Frans Rosen

Bug bounty programs are nature enough and lucrative enough that there are some researchers making a very comfortable living from them. But not every technology company has one, and not every researcher is looking to make money for themselves on these projects. David Jacoby of Kaspersky Lab and Frans Rosen […]

Inside the Total Compromise of a $25 Billion Bank
Authentication, Hacking

Inside the Total Compromise of a $25 Billion Bank

ST. MAARTEN–On a quiet Saturday afternoon in October 2016, security researchers in Latin America began noticing some odd behavior in the Brazilian banking system. Customers visiting the ¬†website of one of the country’s larger banks were being hit with automatic malware downloads, but as the researchers began investigating the incident, […]

Researchers Tie Bank Attacks to North Korea
Authentication, Hacking

Researchers Tie Bank Attacks to North Korea

ST. MAARTEN–New details discovered in the investigation into the string of attacks on banks around the world using the SWIFT network show have linked the intrusions to attackers based in North Korea. Separate research conducted by experts at SWIFT, Kaspersky Lab, and BAE Systems uncovered a trail of clues that, […]