Weekly News

InfoSec Week 21, 2017

Check Point researchers revealed a new attack vector using malicious subtitle files, which, when downloaded by a victim’s media player, can provide complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time and strem.io.

#Weekly-News

InfoSec Week 20, 2017

Researchers published a WannaCry ransomware decryption tool for older Windows versions (XP, 2003, 7). It uses a bug in the Windows Crypto API, which does not immediately erase the private key. The application crawls the computer's memory, looking for the prime numbers that divide the public key used for the encryption.

InfoSec Week 19, 2017

You have probably heard about the WannaCry/WannaCrypt/WannaWhatever worm spreading ransomware, partly because of the sensation created by parties profiting from scare tactics, but also because it uses a really good spreading technique: exploiting the MS17-010 SMB vulnerability leaked from the NSA. Some post-mortem analyses of the first version (with the kill switch) and TheShadowBrokers blog are listed below. The crypto works, so a trivial decrypter is unlikely unless the keys are published.

InfoSec Week 18, 2017

Some good souls are selling ransomware as a service. It has its own logo, support, bug tracker, and a clean website.

InfoSec Week 17, 2017

A team of researchers from New York University said they identified a severe flaw in General Electric Multilin protection relays, which are widely deployed in the US energy sector.

InfoSec Week 16, 2017

Crooks are already using the recently leaked NSA hacking tools to exploit thousands of unpatched Windows machines.

InfoSec Week 15, 2017

An interesting blog post about generic unpacking of the Locky malware using Radare r2pipe, Python and a Windows 7 VM.

InfoSec Week 14, 2017

The Cisco Talos team has analyzed the ROKRAT remote administration tool, which targets South Koreans through a spear-phishing campaign.

InfoSec Week 13, 2017

The tale of a misunderstood malware author who has released the source code of the NukeBot banking malware on GitHub to get traction.

InfoSec Week 12, 2017

A good article about the Zeus GameOver botnet takedown and the chase of Evgeniy Mikhailovich Bogachev, aka Slavik, author of the Zeus malware family.
