In This Section

PINDROP BLOG

Category: Hacking

July 18, 2017
GhostCtrl Android Malware Hijacks Audio, Roots Devices
A recently discovered piece of Android malware called GhostCtrl apparently evolved from the well-known OmniRAT tool for desktop platforms and has the ability to steal or delete a wide variety of user and device data. GhostCtrl has an interesting pedigree and history. The backdoor is connected to a data-stealing worm known as Retadup that was detected…
Read More →
July 18, 2017
New Data Shows Attackers Focusing More Attention on iOS
A new report released this morning by Skycure shows that attackers are beginning to focus more and more of their attention on iOS, even as attacks on Android are leveling out . This would be the first time in iOS’s 10 year history that attacks on that platform have outpaced that of its main competitor, Google’s Android.   The…
Read More →
July 17, 2017
Cisco Fixes Remote Code Execution Flaw in WebEx Extensions
Cisco has patched a serious remote code execution flaw in its WebEx extensions for both Google Chrome and Mozilla Firefox, a bug that could be exploited quite easily. The vulnerability affects several different browser extensions produced by WebEx, including the Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center), and Cisco…
Read More →
July 14, 2017
Attackers Compromising Fresh WordPress Installs
Attackers are scanning for new WordPress installations that haven’t been configured yet and compromising them and then using that access to take over entire sites. The attacks have been going on since May and researchers have seen many IP addresses that typically are engaged in other attack campaigns joining in this one, too. Using automated tools,…
Read More →
July 13, 2017
Congressmen Seek to Outlaw Cyber Intel Sharing With Russia
A group of House Democrats has introduced a bill that would formalize a policy of the United States not sharing cyber intelligence with Russia. The proposed law is a direct response to comments President Donald Trump made earlier this week after he met with Russian President Vladimir Putin. After the meeting, Trump said on Twitter…
Read More →
July 13, 2017
Verizon Says Data Breach Exposure Limited
Verizon has acknowledged that millions of customer records, including phone numbers and account PINs, were exposed in a misconfigured cloud database, but says no one aside from a security researcher accessed the data. The data was in an Amazon cloud bucket administered by a third-party vendor used by Verizon in Israel. Chris Vickery, a researcher…
Read More →
July 13, 2017
Tens of Thousands of Machines Still Open to EternalBlue Bug
Weeks after the WannaCry and NotPetya ransomware campaigns emerged and months after Microsoft released a patch for the vulnerability the two pieces of malware used to spread, more than 60,000 machines are still vulnerable to the bug. The vulnerability, which lies in Microsoft’s implementation of the SMB protocol, has been part of both the WannaCry…
Read More →
July 10, 2017
Android Ransomware Threatens to Leak Victim Data
The attacker community is continuing to expand the variety of ransomware strains it creates, including a recent variant that doesn’t encrypt victims’ files but instead threatens to send personal data and photos to their contacts. Researchers at McAfee discovered this ransomware variant buried within a couple of apps in the Google Play app store recently.…
Read More →
July 7, 2017
Makers of ME Doc Software Say They’ve Closed Backdoor Used By NotPetya
The makers of the M.E. Doc software that has been at the center of the NotPetya malware story say they have produced an updated version of the application that does not include the backdoor that had been slipped in by attackers several months ago. “M.E.Doc has created an update that will ensure safe work in the…
Read More →
July 6, 2017
New Attack Recovers Satellite Phone Crypto Key in Fraction of a Second
A team of researchers from China has developed a new attack on one of the ciphers used to secure the communications of satellite phones that enables them to recover a 64-bit key in a fraction of a second under some circumstances. The work focuses on the GMR-2 cipher used in Inmarsat satellite phones and the attack…
Read More →
Pindrop® Panorama: Beating the Balancing Act of Security and Customer Service