Latest Vault 7 Leaks Claim CIA Has Bugged Apple Phones Since 2008

A new WikiLeaks Vault 7 leak titled “Dark Matter” claims, with unreleased documents, that the Central Intelligence Agency has been bugging “factory fresh” iPhones since at least 2008. IT security experts from FireMon, prpl Foundation and Comparitech.com commented below. Paul Calatayud, CTO at FireMon: “The validity of the dumps from my 18 years of experience in cyber including […]

Numbers Show Locky Ransomware Is Slowly Fading Away

Over the past six months, the number of Locky ransomware infections has gone down and is expected to reach an all-time low this month, in March. Ever since the ransomware launched in mid-February 2016, Locky has been one of the most active and prevalent ransomware families on the Internet. IT security experts from Imperva, AlienVault and […]

Israeli Government Target Of Spearphishing Campaign

stolen government email addresses & log-ins

A spear phishing campaign against the Israeli Prime Minister’s office has been tracked an analysed by DomainTools’ senior security researcher, Kyle Wilhoit. Highlights from his discovery include: Some of the indicators of compromise attribute this activity to a well known attack group called CopyKitten The phishing email was disguised as an ‘Annual Survey’ word document […]

Avast PC Trends Report Q1 2017 Reveals Majority Of PC Users Are At Risk Due To Outdated Software

Prague, Czech Republic. Avast , the leader in digital security products for business and consumers, revealed that more than half (52%) of the most popular PC applications running on PCs around the world, including Flash and Java are out-of-date. The Avast PC Trends Report Q1 2017, based on insights from the company’s AVG TuneUp product, highlights the top 10 outdated applications, […]

Daphne Caruana Galizia’s Website Suffer ‘Unprecedented’ DDoS Attack

The servers hosting Daphne Caruana Galizia’s personal blog have suffered a DDoS attack. Prior to the DDoS attack, Mrs Caruana Galizia said that a fake Gmail account was setup – similar to her personal email address. Sean Newman, Director at Corero Network Security commented below. Sean Newman, Director at Corero Network Security: “While the motivations for the DDoS attack against […]

Misunderstood: WikiLeaks, The CIA, And Encryption

Much of the excitement surrounding the WikiLeaks “Vault 7” release of purported CIA documents concludes that the CIA has broken encryption.  We didn’t reach the same conclusion.  We explore potential vulnerabilities in encryption apps and conclude that end-to-end encryption, coupled with strong protection at the device level remains the best way to secure everyday communication. Headlines WikiLeaks’ […]

3,000 Industrial Plants Infected With Malware Each Year

Thousands of industrial facilities have their systems infected with common malware every year, and the number of attacks targeting ICS is higher than it appears, according to a study conducted by industrial cybersecurity firm Dragos. This includes one variant posing as Siemens PLC firmware that has been in action since 2013. The backdoor malware is packaged […]

Remote Execution Vulnerability On LastPass’ Chrome Extension Found

Operation PawnStorm uses Java vulnerability

A recent discovery has found that there is a remote execution vulnerability on LastPass’ Chrome extension, that allows complete access to internal privilege LastPass RPC commands. This effectively could mean that victims passwords could be stolen by hackers. Lee Munson, Security Researcher at Comparitech.com commented below. Lee Munson, Security Researcher at Comparitech.com:  “LastPass may have had a flaw, albeit one that […]

Russian Banks Again Spitting Out Money

Russian daily Kommersant reports that the Bank of Russia detected malware that hides inside ATM’s operating memory which “forces” them to dispense cash to anyone who enters certain code on its keyboard. The paper cites the deputy head of information security Artem Sychev, and adds that cash machines made by NCR were among the ATMs mostly attacked. […]