Ansible Security Assessment
Introduction Ansible is an open-source software that automates configuration management and software deployment. If you're not familiar with Ansible, we...
malware
Mathway breach latest caper for Shiny Hunters
While the Mathway breach in which 25 million email addresses and salted passwords were reportedly stolen didn’t hit the news...
Turla’s ComRAT v4 uses Gmail web UI to receive commands, steal data
Researchers have uncovered version of the ComRat backdoor, one of the Turla Group’s oldest malware families, that distinguishes itself by...
ZeuS byproduct ‘Silent Night’ Zbot ‘not a game-changer’
The Silent Night Zbot, a new variant of the infamous banking trojan ZeuS that wreaked havoc in mid-2009 may be...
Modular backdoor sneaked into video game developers’ servers
A suspected Chinese APT group used a newly discovered modular backdoor to infect at least one video game developer’s build...
Covid-related malspam campaign impersonates U.S. Treasury to steal taxpayer credentials
The advocacy group Abuse.ch has found a Covid-19-related malspam campaign that impersonates the U.S. Treasury Department and more than likely...
Six need-to-know takeaways from the Verizon breach report
Phishing attacks and stolen credentials have become attackers’ most popular avenues of network compromise, and employee errors are helping pave...
WolfRAT malware targets WhatsApp, Messenger
A new malware called “WolfRAT is targeting messaging apps, such as WhatsApp, Facebook Messenger and Line on Thai Android devices. WolfRAT,...
Ramsay spy framework built to subvert air-gapped defenses
Air-gapped networks aren’t easily compromised, but they don’t offer perfectly air-tight security either. Leveraging insider threats, infecting flash drives and...
How a Security Anomaly was Accidentally Found in an EAL6+ JavaCard
Context Quarkslab is one of the 10 ITSEF (Information Technology Security Evaluation Facility, CESTI in French) licensed by the ANSSI's...
2FA app weaponized to infect Mac users with Dacls RAT
MacOS users who think they have protected themselves by downloading a particular two-factor authentication application may have actually infected their...
Reverse Engineering a VxWorks OS Based Router
Introduction Embedded devices are a huge and wide world of options for CPU architectures, operating systems and file systems. You...
Vulnerabilities in two VPNs opened door to fake, malicious updates
Hackers can exploit critical vulnerabilities in PrivateVPN and Betternet – since fixed – to push out fake updates and plant...
‘About Coronavirus’ app locks Android screens with repackaged malware
An existing version of the Android device screen-locking malware SLocker has apparently been copied and repackaged in the form of...
PhantomLance campaign slipped trojanized apps into marketplaces for years
A long-running malware campaign whose activity dates back to 2016 has been using a sophisticated playbook of tricks to sneak...
Triton v0.8 is Released!
We are pleased to announce that we released Triton v0.8 under the terms of the Apache License 2.0 (same license...
Smart TVs spoofed to deliver billions of fake ad impressions
A cybergang created a botnet that used SmartTVs to generate fake eyeballs for a massive ad fraud campaign that saw...
U.S. offers up to $5M for info on North Korean cyber activity
Four U.S. federal agencies on Wednesday jointly issued an advisory that warns of ongoing North Korea-sponsored cyberthreat operations, and offers...
Pranksters installing MBRLocker wiper, blame Vitali Kremez, MalwareHunterTeam for attack
A malicious actor is trying to discredit two of the more well-known personalities in cybersecurity circles by including their names...
Malvertising campaign spoofs Malwarebytes website to deliver Raccoon info-stealer
Malicious actors created a fake webpage that impersonates cybersecurity company Malwarebytes and were using it as a gateway in a...
Sale of Dharma ransomware source code draws hackers’ scrutiny, but the price is right
An unidentified party has reportedly placed the source code for Dharma ransomware up for sale on at least two Russian...
Best Buy gift cards, USB drive used to spread infostealer
Everyone wants to receive a free $50 Best Buy gift card and USB drive in the mail, but as the...
Hijacked routers and attempted WHO hack highlight latest COVID-19 attacks
Businesses remain closed in many major cities around the world as the coronavirus pandemic rages, but cybercriminals are still open...
Open redirect on Dept. of HHS website benefits COVID-19 phishing scam
A coronavirus-themed phishing campaign designed to infect victims with Raccoon information-stealing malware has reportedly been leveraging an open redirect vulnerability...
