Research News, Articles and Updates

Cryptocurrency miners target web servers with malware

RubyMiner malware plants XMRig on vulnerable systems. Security researchers have discovered malware that targets Linux and Windows servers in order to mine cryptocurrency.

Apparent Korean actor 'Group123' linked to six phishing campaigns

Researchers have attributed six separate phishing campaigns targeting South Koreans in either 2017 or 2018 to a single threat actor called "Group123."

KillDisk wiper malware sets sights on Latin American financial organisations

A new variant of the disk wiping malware KillDisk is targeting financial firms in Latin America to wreak havoc without leaving so much as a note.

New Mac malware - MaMi - hijacks DNS connections

Malware can steal passwords, take screenshots and access files. Security researchers have discovered new Mac malware that can hijack DNS settings.

Blender 3D open source platform plagued with arbitrary code vulnerabilities

Cisco Talos researchers identified multiple unpatched vulnerabilities in the Blender Open Source 3D creation suite that could allow an attacker to run arbitrary code.

Facebook bug bounty programme paid out £638K in 2017

Facebook's 2017 Bug Bounty programme paid out US$ 880,000 (£638,000) to more than 100 researchers and will update its Thanks page in 2018 to reflect dollar amount and submission validity, among other items.

Cryptominer malware in RIG EK spread via malvertising

Malwarebytes researcher Jerome Segura analysed a RIG exploit kit campaign distributing coin-mining malware via drive-by download attacks launched from malvertising.

Proposed law would levy penalties on breached credit reporting agencies

Newly proposed legislation introduced by two Democratic US senators aims to impose stiff, mandatory penalties on credit reporting agencies (CRAs) that fail to protect consumers' sensitive information from data breaches.

Hackers could steal from shipping companies by diverting cargo payments

Security researchers have found that freight messaging systems can be subverted to send money to criminals.

Researchers believe malicious Android app written in Kotlin may be a first

Researchers have discovered a fake utility app called Swift Cleaner that they believe may be the first Android mobile malware developed using the open-source Kotlin programming language.

Vulnerabilities including remote execution spotted in WDMyCloud products

A GulfTech researcher spotted multiple vulnerabilities in Western Digital's MyCloud products, some of which could lead to remote code execution and unauthorised access.

Facial recognition fooling glasses could subvert TSA security

Researchers at Carnegie Mellon University and the University of North Carolina at Chapel Hill in the US developed a technique to fool facial recognition algorithms, including those used at airports.

Security issue found in AMD's Platform Security Processor

Security researchers have discovered a flaw in the AMD PSP (Platform Security Processor), which could enable hackers to execute code in a security module that stores data such as passwords, certificates, and encryption keys.

Dismantled Andromeda botnet will 'slowly disappear' over time

What remains of the Andromeda botnet that was largely dismantled in a November 2017 global law enforcement operation will probably "slowly disappear" as remediation continues into 2018, predicted one cyber-security company.

36 malicious apps advertised as security tools spotted in Google Play

Trend Micro researchers notified Google that 36 malicious apps on Google Play are posing as security tools.

macOS zero-day details exposed by researcher

An independent security researcher called Siguza revealed a local privilege escalation zero-day in macOS that can be exploited by any unprivileged user.

Smartphone sensors exploited to steal login PINs

Researchers from Nanyang Technological University in Singapore developed a technique that leverages a phone's sensors to guess a user's PIN code.

Necurs botnet launches massive 47 million emails per day campaign

The Necurs botnet continued to launch massive global ransomware attacks through the holidays with researchers stopping as many as 47 million emails per day.

VMware fixes bugs in vCenter Service Appliance, three hypervisors

VMware on Tuesday patched a series of vulnerabilities in its ESXi, Workstation Pro, and Fusion hypervisors, as well as its vCenter Server Appliance.

Loki Bot expands from Excel spreadsheet to attack other office applications

Security researchers have discovered a new attack vector launched through Microsoft Excel spreadsheets, and Loki Bot has recently expanded into other Office applications.

Severe security flaw found in Windows 10-bundled password manager

A Google researcher has uncovered a severe security flaw in a password management tool that has been widely bundled with Windows 10.

Prilex and Cutlet Maker ATM malware families uniquely target users

Trend Micro researchers spotted two ATM malware families: Prilex, which uses highly targeted attacks to hijack banking applications, and Cutlet Maker, a flexible standalone application for emptying the ATM's safe.

Microsoft launches privilege escalation attack on itself with Office 365

A flaw in the way Microsoft Azure Active Directory (AD) Connect configures the AD synchronisation account in Office 365 hybrid installations creates stealthy admins in the user group by default.

New MacOS malware steals bank log-in details and intellectual property

Security researchers have discovered a new, invasive OSX.Pirrit adware variant targeting Mac OS X that enables cyber-criminals to take full control of a user's Mac computer.

TLS exploit capitalises on 19-year-old vulnerability; vendors issue patch

Researchers recently discovered that a nearly two-decade-old vulnerability in TLS stacks was still exploitable because of insufficient counter-measures, some of them in stacks used by highly popular websites.

TLS implementation bug put millions at risk

A critical security bug put millions of banking app users at risk, according to researchers from the University of Birmingham.

BlackBerry recommendations for connected car security; cyber-crime target

As our cars become more connected and our society moves closer to widespread autonomous driving, researchers and companies alike are calling for national standards to help secure connected vehicles.

Market-leading security products broken by Doppelganging attack

The new Doppelganging process-memory attack methodology not only defeats market-leading security products but also breathes new life into old threats.

ParseDroid vulnerabilities could affect all Android developers

Check Point researchers discovered several vulnerabilities in Android application developer tools that put any organisation doing Java/Android development at risk of an outsider gaining access to its systems.

'Golden Ticket' SAML attack vector puts cloud apps at risk

New Golden Ticket technique could allow hackers to authenticate themselves with cloud services and enable any level of privilege.