11 Aug 2016

How Researchers Exposed Iranian Cyberattacks Against Hundreds of Activists

Late last year, a group of hackers likely linked to the Iranian government reorganized the infrastructure supporting their cyberattacks. The hackers built it so their malware, which was infecting Iranian human rights activists and dissidents at home and abroad, would contact different servers under their control. Source: How Researchers Exposed

Read More
10 Aug 2016

Hack of Democrats’ Accounts Was Wider Than Believed

“A Russian cyberattack that targeted Democratic politicians was bigger than it first appeared and breached the private email accounts of more than 100 party officials and groups, officials with knowledge of the case said Wednesday. The widening scope of the attack has prompted the F.B.I. to broaden its investigation, and

Read More
10 Aug 2016

Why the ‘cyber kill chain’ needs an upgrade

“One of the most popular models for analyzing cyberattacks doesn’t focus  enough on what to do after adversaries break into networks successfully, which they inevitable will do, Black Hat 2016 attendees were told this week in Las Vegas. IT resume makeover: Don’t try to please everyone Writing a resume means

Read More
10 Aug 2016

Microsoft accidentally leaks its Golden Key, exposing the danger of backdoors

“Microsoft has demonstrated why the FBI’s desire for ‘Golden Key’ backdoors allowing ‘good guys’ to bypass security is such a bad idea: it inadvertently released its own keys to Windows tablets, phones, HoloLens and other devices using UEFI Secure Boot.” Source: Oops: Microsoft leaks its Golden Key, unlocking Windows Secure

Read More
10 Aug 2016

Australian census attacked by hackers 

The Australian government believes a series of attacks on its census website was a deliberate attempt to sabotage the national survey. Source: Australian census attacked by hackers – BBC News

Read More
09 Aug 2016

How to hack a government (to overthrow it)

“And while hilarious at times, it was a surprising eye-opener about how common hacking techniques combined with military know-how could help topple a regime. But Rock noted that it takes more than just sitting behind a keyboard to be a kingmaker. To fill in the knowledge gaps he had, he

Read More
09 Aug 2016

Researchers Hide Malware Inside Digitally Signed Executables

“Cybercriminals can pack malware into digitally signed executables without breaking the signature, thus avoiding anti-virus detection, researchers say. In a whitepaper presented at Black Hat USA 2016, Deep Instinct researchers reveal that it is possible to hide a malicious file with the ability to be executed within a file without

Read More
09 Aug 2016

Spear Phishing in Tehran

“It wasn’t: The email had actually been sent from a hacker likely working on behalf of the Iranian government. The links to the requested forms contained malware designed to spy on its recipients — a human rights activist and likely others in the Iranian diaspora — on behalf of Tehran.

Read More
09 Aug 2016

Researchers crack open unusually advanced malware that hid for 5 years

“Security experts have discovered a malware platform that’s so advanced in its design and execution that it could probably have been developed only with the active support of a nation-state. The malware—known alternatively as ‘ProjectSauron’ by researchers from Kaspersky Lab and ‘Remsec’ by their counterparts from Symantec—has been active since

Read More
09 Aug 2016

The state of cyber security: we’re all screwed

“In his keynote, Kaminsky called for a federal agency devoted to security issues, similar to the National Institutes of Health, that can ‘create engineering solutions to the real-world security problems that we have’. ‘It can’t just be two guys,’ he said. ‘I need a pile of nerds to be able

Read More