Apple, Google, Microsoft Join Anti-Robocall Strike Force
Nearly three dozen technology companies have joined the anti-robocall strike force led by AT&T and spurred by the FCC, and the group will work together on technological and policy solutions to the robocall problem. The Robocall Strike Force formed last month at the behest of FCC Chairman Tom Wheeler, who called on carriers to take […]
Eddie Bauer Hit With Massive Payment System Compromise
Malware infected the point-of-sale systems in all of Eddie Bauer’s stores in the United States and Canada for more than six months this year, stealing payment card data at the company’s 350 stores. The attack affects an untold number of customers who shopped in the stores between January and mid-July of 2016, but the company said […]
On the Wire Podcast: Rick Holland on the Shadow Brokers
The release by a group called Shadow Brokers of a massive amount of tools, vulnerabilities, and exploits apparently used by the Equation Group hacking team linked to the NSA has set the security industry buzzing and raised a number of questions about government surveillance, security, and foreign policy. Dennis Fisher talks with Rick Holland of […]
Cisco Warns of Firewall 0-Day From Shadow Brokers Dump
The fallout from the release of a huge toolset believed to have been used by a team of NSA-linked hackers continues, as vendors have begun releasing advisories about some of the vulnerabilities exposed in the Equation Group files. Cisco is among the first companies to warn customers about bugs in their products, specifically a high-severity […]
DataSploit Framework Automates Intelligence Gathering for Social Engineers
Social engineering is a broad term applied to an ill-defined list of activities, and many of the techniques that criminals and white hats both use are developed ad hoc. But a new tool called DataSploit aims to pull together many of the reconnaisance activities into one framework that will gather large amounts of data on […]
Researchers Find Strong Ties Between Equation Group Tools and Shadow Brokers Dump
The researchers who originally uncovered the Equation Group, a hacking team strongly believed to be tied to the NSA, says that the trove of offensive tools, exploits, and files apparently stolen from that group and dumped online this week has a “strong connection” to the Equation Group’s known toolsets. An anonymous group calling itself the Shadow […]
Vaw Yeah: Vawtrak Trojan Adds Certificate Pinning to Its Arsenal
Banking Trojans have fallen out of the threat spotlight lately, thanks to all of the shine going to ransomware, but they are still out there doing their business. And in some cases, like the venerable Vawtrak malware, the authors are making important and interesting tweaks to their creations to stay ahead of the defenders. Vawtrak […]
Big Chunk of Android Devices Vulnerable to TCP Hijacking Bug
The TCP hijacking vulnerability in Linux disclosed last week also affects about 80 percent of Android phones in use right now, researchers said. The bug in question lies in the Linux kernel and has been there since version 3.6 of the kernel. It allows an attacker to hijack a TCP session by inferring the TCP sequence […]
Breach at Hotel Operator HEI Targeted Payment Card System
Customers of 20 hotels from a variety of operators are being warned about a compromise of payment card systems at HEI Hotels and Resorts that resulted in the theft of a wide range of card data. The attack on HEI, which owns and operates hotels from a number of chains, including Marriott, Westin, Sheraton, and […]