LockyDump Tool Helps Track Ransomware Configurations and Variants
The group behind the Locky ransomware has continued to update and improve the malware its distributing, and security researchers have been racing to keep up with the changes. The Talos research team at Cisco is part of that effort and the group has released a new tool that can dump all of the configuration information […]
DHS Warns Mirai Malware is Targeting Sierra Wireless Gateways
DHS is warning users that the Mirai malware is infecting wireless gateways sold by Sierra Wireless and using the compromised devices as part of a botnet for DDoS attacks. The Mirai malware has been targeting a variety of embedded devices, especially CCTV cameras, that have default telnet credentials enabled and compromising them. The attackers deploying […]
Pork Explosion Backdoor Found in Some Android Bootloaders
A security researcher has uncovered a debugging feature left in some Android firmware images on devices assembled by Foxconn that essentially serves as a fully functioning backdoor that can be exploited in as little as five seconds. Researcher Jon Sawyer found the backdoor in a bootloader that Foxconn provides on some of the Android phones it […]
Hack iOS 10 and Get $1.5 Million
The stakes in the vulnerability acquisition and bug bounty game have just gone up several notches, with a well-known security startup now offering $1.5 million for a remote jailbreak in iOS 10. The payout was put on the table Thursday by Zerodium, a company that buys vulnerabilities and exploits for high-value target platforms and applications. The company […]
Europol Warns That Ransomware is Biggest Online Threat
Ransomware has become the largest threat to consumers and businesses in the EU, according to a new threat report from Europol. The Internet Organized Crime Threat Assessment points to variants such as Cryptowall, Cryptolocker, Teslacrypt, and CTB-Locker as representing the biggest security problem for European users. Ransomware is not a new threat, but it’s evolved and […]
Hackers Activate Tesla’s Brakes From Miles Away
The amount of technology packed into modern cars is kind of amazing. Just a few years ago, the most advanced thing in most vehicles was the cell phone in the user’s pocket. Now, many cars have computer-controlled engines, brakes, entertainment systems, and communications. Cool. The downside of this revolution is that some of these systems can […]
Cry Ransomware Pinpoints Victims Via Google Maps API
UPDATE: A new strain of ransomware known variously as Cry or CryLocker has emerged, and it’s using a few novel techniques, including communicating via UDP and using the Google Maps API to find victims’ locations. Researchers at the MalwareHunterTeam discovered the CryLocker ransomware and analyzed its behavior, with the help of Lawrence Abrams of Bleeping […]
Large Network of Compromised Embedded Devices Found
The word botnet usually conjures images of hordes of compromised PCs being used for DDoS attacks or malware operations, but researchers in the Czech Republic has discovered a large network of compromised CCTV cameras, routers, and other embedded devices that’s growing by tens of thousands of devices per day. Since the end of May, researchers […]
Apple Patches Trident Bugs in OS X and Safari
A week after fixing three critical vulnerabilities in iOS that were used in an attack on a human rights activist, Apple has released patches for the same bugs in Safari and OS X. The vulnerabilities include two flaws in the OS X kernel and a WebKit bug, which was fixed in the Safari browser. One of the […]