In This Section

PINDROP BLOG

Category: Hacking

April 4, 2017
The Good, the Bad, and the Ugly of Software Export Controls
ST. MAARTEN–Perhaps no regulation has caused as much turmoil in the technology industry recently as the proposed export controls for intrusion software written by the Department of Commerce. The rules have broad implications for security researchers who rely on information sharing to do defensive work, and the potential restriction of that data moving across borders…
Read More →
April 4, 2017
Inside the Total Compromise of a $25 Billion Bank
ST. MAARTEN–On a quiet Saturday afternoon in October 2016, security researchers in Latin America began noticing some odd behavior in the Brazilian banking system. Customers visiting the  website of one of the country’s larger banks were being hit with automatic malware downloads, but as the researchers began investigating the incident, it quickly became clear that…
Read More →
April 3, 2017
Researchers Tie Bank Attacks to North Korea
ST. MAARTEN–New details discovered in the investigation into the string of attacks on banks around the world using the SWIFT network show have linked the intrusions to attackers based in North Korea. Separate research conducted by experts at SWIFT, Kaspersky Lab, and BAE Systems uncovered a trail of clues that, taken together, point to North…
Read More →
April 3, 2017
New Details Connect Moonlight Maze Attacks on US Government to Modern Campaigns
ST. MAARTEN–Researchers investigating modern cyber espionage operations have found a direct link between the Moonlight Maze attacks that hit a number of United States military and government agencies in the 1990s and operations that are still ongoing today. The connections, through code samples, logs, and other data, show that some of the same tools and…
Read More →
March 21, 2017
NSA: We Disclose 90% of the Flaws We Find
In the wake of the release of thousands of documents describing CIA hacking tools and techniques earlier this month, there has been a renewed discussion in the security and government communities about whether government agencies should disclose any vulnerabilities they discover. While raw numbers on vulnerability discovery are hard to come by, the NSA, which does…
Read More →
March 21, 2017
Site Hacks Continue to Spike, Google Says
The number of sites hacked last year increased by nearly one third compared to 2015, Google said in a new report, a trend that the company expects will continue in years to come. Google’s crawlers constantly check sites for a number of different properties, including the presence of certain types of content that indicate they’ve…
Read More →
March 20, 2017
Critical Cisco Flaw Found Buried in Vault 7 Documents
Hundreds of models of Cisco switches are vulnerable to a remote-code execution bug in the company’s IOS software that can be exploited with a simple Telnet command. The vulnerability was uncovered by company researchers in the CIA hacking tool dump known as Vault 7. The bug is a critical one and an attacker who is…
Read More →
March 15, 2017
Security Professionals Expect More Attacks On IIoT in 2017
As technology vendors race to create more and more devices connected to the Internet of Things (IoT) the opportunity for hackers to get into these devices grows larger and larger, as these IoT devices are usually made with little to no regard for security. The fears of a large-scale attack waiting to happen were solidified this week when security firm Tripwire released the…
Read More →
March 15, 2017
Struts Vulnerability Attracting Plenty of Attackers
Attackers are continuing to seek out and exploit vulnerable servers running vulnerable versions of the Apache Struts framework, with hundreds of separate sources trying to take advantage of the bug. The vulnerability lies in the way that some versions of the Struts framework handles some content-type values. An attacker who is able to exploit the…
Read More →
March 14, 2017
Researchers Find 36 Android Devices Pre-Owned With Malware
About 10 years ago, security researchers began warning users and technology manufacturers about the problem of hardware devices coming out of the box pre-loaded with malware. It began with digital picture frames and USB drives, and it has moved to mobile phones, with the latest example coming in the form of 36 Android phones that shipped with…
Read More →
Pindrop® Panorama: Beating the Balancing Act of Security and Customer Service