PINDROP BLOG

Category: Hacking

July 31, 2017 | Dennis Fisher
Trickbot Adds New Worm Capability
Malware authors and cybercrime gangs, like professionals in legitimate fields, watch their competition closely and take what works and add it to their own arsenals. The latest evidence of this comes in the form of a new function added to the Trickbot banking trojan that allows it to spread in worm-like fashion using SMB. That…
Read More →
July 28, 2017
New Report Shows Depth of Data Breaches Is Worse Than Before
More than six billion consumer records have been compromised in data breaches in just the first six months of this year. That number is higher than the mark for all of 2016, more evidence that attackers are continuing to ramp up their efforts to steal sensitive data. A new report out this week from Risk…
Read More →
July 27, 2017 | Dennis Fisher
To Disclose or Not to Disclose
LAS VEGAS–The people in the security community are good at many things, but reaching consensus is not one of them. That is never more clear than when the topic is vulnerabilities and how to handle them. The last year has seen the publication of a couple of studies on vulnerability discovery and disclosure and how…
Read More →
July 27, 2017 | Dennis Fisher
Broadpwn Bug Allows Phone Takeover With One WiFi Probe Request
LAS VEGAS–The vulnerability in Broadcom WiFi chips running in many iPhones and Android devices that both Apple and Google patched recently could be triggered with a simple probe request from a mobile access point, giving the attacker full control of the victim’s device. The bug, known as Broadpwn, is about as powerful as they come for…
Read More →
July 26, 2017 | Dennis Fisher
Attackers Can Take Over Your Local Car Wash From the Internet
LAS VEGAS–Researchers are continuing to find new and interesting ways to demonstrate the fragility and poor security of IoT devices, and the latest test bed is your local car wash. A weakness in the design of the software that runs a large number of automated car washes in the U.S can allow a remote attacker…
Read More →
July 26, 2017 | Dennis Fisher
Facebook CSO: It’s Time to Focus on Real Problems
LAS VEGAS–The security community needs to get back to solving real problems facing real users in the real world, Facebook’s CSO said, and the company is putting up a million dollars to help do that. Alex Stamos, the top security official at Facebook, said security professionals are spending too much time focusing on elaborate hacks…
Read More →
July 21, 2017
Google to Drop Trust For WoSign in September
Google has finalized its plan to remove trust in Chrome for all certificates issued by Chines CA WoSign, a result of the certificate authority run afoul of the intricate rules that govern CAs. As far back as 2015, officials began noticing certificates issued by WoSign that had one or more problems and violated rules established…
Read More →
July 20, 2017
U.S., European Law Enforcement Take Down AlphaBay Dark Web Market
Authorities in the United States and Europe have shut down two huge criminal marketplace operating on the dark web, one of which officials say was responsible for more than $1 billion in illicit transactions in the last three years. The investigations into the AlphaBay and Hansa marketplaces have been going on since last year, and…
Read More →
July 18, 2017
GhostCtrl Android Malware Hijacks Audio, Roots Devices
A recently discovered piece of Android malware called GhostCtrl apparently evolved from the well-known OmniRAT tool for desktop platforms and has the ability to steal or delete a wide variety of user and device data. GhostCtrl has an interesting pedigree and history. The backdoor is connected to a data-stealing worm known as Retadup that was detected…
Read More →
July 18, 2017
New Data Shows Attackers Focusing More Attention on iOS
A new report released this morning by Skycure shows that attackers are beginning to focus more and more of their attention on iOS, even as attacks on Android are leveling out . This would be the first time in iOS’s 10 year history that attacks on that platform have outpaced that of its main competitor, Google’s Android.   The…
Read More →