Bradley Barth

Editor
Remcos RAT campaign delivers new variant using AutoIt wrapper

Remcos RAT campaign delivers new variant using AutoIt wrapper

A new Remcos remote access trojan campaign uses an AutoIt wrapper to deliver a previously unknown variant featuring new obfuscation and anti-debugging techniques

Cracked.to hacking forum user data breached and leaked by rivals

Cracked.to hacking forum user data breached and leaked by rivals

A breach at online hacking forum Cracked.to resulted in a public doxxing that exposed a database containing 749,161 email accounts, as well as corresponding IP addresses

Cisco issues multiple product updates, fixes critical flaws in small business switches

Cisco issues multiple product updates, fixes critical flaws in small business switches

Cisco Systems issued a series of security updates addressing 26 vulnerabilities, including two critical ones found in its Small Business 220 Series Smart Switches

Researcher details decades-old design flaws in Microsoft's CTF protocol

Researcher details decades-old design flaws in Microsoft's CTF protocol

Microsoft's CTF protocol harboured a series of 20-year-old flaws that could allow unauthorised parties to take over applications that use said protocol

Varenyky malware records porn on screen, distributes sextortion spam

Varenyky malware records porn on screen, distributes sextortion spam

A cybercriminal operation that's been targeting France since May is attempting to distribute malware capable of recording the screens of victims who visit pornographic websites

Trojanised apps containing ad fraud malware downloaded 102M times

Trojanised apps containing ad fraud malware downloaded 102M times

Malicious clicker trojans Android.Click.312.origin and Android.Click.313.origin have been found in a wide variety of normal-looking and operable apps, including maps, QR code readers, dictionaries, fitness trackers, route finders and text editors

Report: SEC looking into First American Financial Corp.'s leaky website

Report: SEC looking into First American Financial Corp.'s leaky website

First American Financial Corp. has become the subject of a US Securities and Exchange Commission investigation, following the discovery of a website defect that left 885 million documents exposed to the public

Saefko RAT peeks at browser histories to help adversaries form optimal attack plan

Saefko RAT peeks at browser histories to help adversaries form optimal attack plan

A new remote access trojan scans a device's Chrome browser history and collect application data, including the number of times the user has visited specific websites

Researcher: GDPR's Right of Access policy can be abused to steal others' personal info

Researcher: GDPR's Right of Access policy can be abused to steal others' personal info

Poor vetting of 'Right of Access' requests under GDPR offers chance of data theft, found an Oxford University scholar

Selling zero-days to governments takes some business savvy, says former bug broker

Selling zero-days to governments takes some business savvy, says former bug broker

Researchers seeking profit beyond that of a traditional bug bounty reward will require a fair share of business acumen to seal the deal, says former vulnerability broker Maor Shwartz