PINDROP BLOG

Category: Hacking

October 11, 2016
Zombie IoT Devices Are Flooding the Internet With Garbage Traffic
The last couple of weeks have seen two of the larger DDoS attacks ever recorded, and researchers have attributed them in part to a large botnet called Mirai comprising mostly infected IoT devices. Looking closely at some other large-scale DDoS attacks with similar characteristics, researchers at Cloudflare discovered that the attackers are specifically using Layer 7 attacks…
Read More →
October 10, 2016
StrongPity Attackers Use Malicious Crypto Apps to Target Users
Organized APT groups have been using watering-hole attacks for many years, targeting highly specific groups of victims by compromising legitimate sites or setting up their own malicious copycat sites. Researchers have now uncovered a group that is using this tactic to deliver compromised encryption apps to victims. The group, known as StrongPity, has been operating…
Read More →
October 10, 2016
Wyden, EFF Say Yahoo Mail Scanning Order Should be Released
The secret order the Department of Justice served on Yahoo last year to get the company to scan incoming emails for specific terms should be declassified and made public under the terms of the USA Freedom Act, experts say. Sometime in the early part of 2015, the Justice Department reportedly went to Yahoo officials with…
Read More →
October 7, 2016
Bugs in Chinese IoT Components Aid Mirai Botnet Spread
Researchers looking into the Mirai botnet that has been used in two massive DDoS attacks in the last couple of weeks have discovered that many of the compromised IoT devices in the botnet include components from one Chinese manufacturer and have hardcoded credentials that can’t be changed. The Mirai botnet is made up of a…
Read More →
October 6, 2016
U.S. Charges Two in Lizard Squad DDoS, Phone Bombing Attacks
The Department of Justice has charged two teenagers in connection with a scheme that involved hacking-for-hire activities as well as a service that would make repeated harassing phone calls to victims for a price. The charges are related to an investigation into the Lizard Squad hacking group, which has been tied to a number of DDoS…
Read More →
October 6, 2016
On the Wire Podcast: Mike Mimoso
It’s been a weird and wild week in the security world, with the Yahoo mail-scanning scandal, the arrest of another NSA contractor for allegedly stealing classified documents, and the FBI asking for cyber help. So we called up Mike Mimoso of Threatpost to unpack all of it and see where things stand. Music by Chris…
Read More →
October 6, 2016
New Attack Invisibly Monitors Mac Video Calls
There have been a number of pieces of malware to emerge in the last few years that have the ability to hook into the microphone and camera of infected machines, allowing attackers to record private conversations of targeted users. Now a researcher is releasing a new tool that can detect and alert Mac users to hidden…
Read More →
October 5, 2016
FBI Official: Skepticism of Government Hurts Cyber Investigations
Although the FBI has improved its information security and forensics capabilities significantly in recent years, the bureau still is hamstrung by its inability to get complete cooperation from private companies and other organizations on attack data, the FBI’s deputy director said. The bureau is the main investigative agency for cybercrime and attacks on American companies,…
Read More →
October 4, 2016
Open Whisper Systems Makes the Case Against Data Retention
The continued success of the modern web relies on nothing so much as data, great roiling rivers of information produced by billions of users and trawled constantly by the network’s insatiable predators. They take in and store as much of that data as possible, and dissect, analyze, and categorize it every which way from Sunday.…
Read More →
September 30, 2016
Hack iOS 10 and Get $1.5 Million
The stakes in the vulnerability acquisition and bug bounty game have just gone up several notches, with a well-known security startup now offering $1.5 million for a remote jailbreak in iOS 10. The payout was put on the table Thursday by Zerodium, a company that buys vulnerabilities and exploits for high-value target platforms and applications. The company…
Read More →