05 Dec 2019

The Great Cannon DDoS Tool Used Against Hong Kong Protestors’ Forum

The Great Cannon Distributed Denial of Service (DDoS0 tool was deployed against the LIHKG platform used by Hong Kong protesters to coordinate. The Great Cannon is a tool that hijacks traffic between IP addressed, resulting in the ability to replace unencrypted content using man-in-the-middle techniques. The Great Cannon is currently

Read More
05 Dec 2019

‘Ultimate’ MiTM Attack Steals $1M from Israeli Startup

Researchers at Check Point Software uncovered an attack that used a sophisticated spoofing campaign to trick a Chinese VC firm and steal money from an emerging Israeli business. The man-in-the-middle campaign effectively intercepted a $1 million wire transfer from a Chinese venture capital firm that was intended for the Israeli

Read More
05 Dec 2019

Ransomware attack hits major US data center provider

CyrusOne, one of the biggest data center providers in the US, suffered a ransomware attack yesterday. CyrusOne is currently working with law enforcement and forensic firms to investigate, as well as working with customers to restore data lost. The ransomware attack was caused by a version of the REvil ransomware,

Read More
05 Dec 2019

Hacker Accessed Private Reports on HackerOne

Last week, an online exchange about a bug bounty report that a hacker submitted to HackerOne, a news aggregator, resulted in a hacker accessing private reports after an analyst’s security cookie was shared. The analyst copied a cURL command from a browser and sent it to the hacker without removing

Read More
04 Dec 2019

EFF warns of ‘one-way mirror’ in the world of corporate online spying

The Electronic Frontier Foundation (EFF) recently published an extensive study that examines techniques used by online service providers to collect and track data on consumers’ personal information and online activities. The report, published on Monday, uncovers corporate surveillance and tracking methods. The EFF found that Facebook uses conversion pixels that

Read More
04 Dec 2019

New macOS Threat Served from Cryptocurrency Trading Platform

Security researchers have reported a new macOS malware that traces back to the malicious North Korean hacking group Lazarus. The threat has a low detection rate and is capable of retrieving a payload from a remote location. Malware researcher Dinesh Devadoss provided a hash for the malware sample that had

Read More
04 Dec 2019

2019 experienced massive spate of crypto crimes, $4.4 billion to date

Research shows that the majority of cryptocurrency exchanges are not equipped to handle basic KYC. Nations only have seven months left to pass laws and virtual asset service providers to comply with guidelines, yet they are inadequately prepared to comply with the new funds Travel Rule in the Financial Action

Read More
04 Dec 2019

TrickBot Expands in Japan Ahead of the Holidays

IBM X-Force data indicated that Trickbot banking Trojan is undergoing code modifications and global attacks are increasingly targeting Japan ahead of the 2020 holidays. IBM reported that Trickbot is currently the most active and widely used baking Trojan. In August, Trickbot was modified to target mobile devices and is the

Read More
04 Dec 2019

Magecart Hackers Open Fire at Smith & Wesson Customers

Digital skimming hackers targeted the website of major US gun producer Smith & Wesson, as well as their customers, over the weekend. Smith & Wesson is based out of Springfield, Massachusetts, and was attacked on Black Friday during one of the highest-grossing shopping days of the year. Smith & Wesson

Read More
03 Dec 2019

Crooks are exploiting unpatched Android flaw to drain users’ bank accounts

Hackers are taking advantage of StrandHogg, a recently publicized Android vulnerability, to steal banking credentials and empty accounts. European security company Wultra warns that several banks in the Czech Republic have reported money disappearing from customer accounts. All versions of Android are affected by the vulnerability, as well as all

Read More