From The Blog
-
ConnectWise Slash and Grab Flaw Once Again Shows the Value of Input Validation We talk to Huntress About its Impact
Written by Sean KalinichAlthough the news of the infamous ConnectWise flaw which allowed for the creation of admin accounts is a bit cold, it still is one that…Written on Tuesday, 19 March 2024 12:44 in Security Talk Read 698 times Read more...
-
Social Manipulation as a Service – When the Bots on Twitter get their Check marks
Written by Sean KalinichWhen I started DecryptedTech it was to counter all the crap marketing I saw from component makers. I wanted to prove people with a clean…Written on Monday, 04 March 2024 16:17 in Editorials Read 1576 times Read more...
-
To Release or not to Release a PoC or OST That is the Question
Written by Sean KalinichThere is (and always has been) a debate about the ethics and impact of the release of Proof-of-Concept Exploit for an identified vulnerability and Open-Source…Written on Monday, 26 February 2024 13:05 in Security Talk Read 1110 times Read more...
-
There was an Important Lesson Learned in the LockBit Takedown and it was Not About Threat Groups
Written by Sean KalinichIn what could be called a fantastic move, global law enforcement agencies attacked and took down LockBit’s infrastructure. The day of the event was filled…Written on Thursday, 22 February 2024 12:20 in Security Talk Read 1081 times Read more...
-
NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Written by Sean KalinichBlack Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching…Written on Tuesday, 12 September 2023 17:05 in Security Talk Read 2131 times Read more...
-
Black Kite Looks to Offer a Better View of Risk in a Rapidly Changing Threat Landscape
Written by Sean KalinichBlack Hat 2023 – Las Vegas. Risk is an interesting subject and has many different meanings to many different people. For the most part Risk…Written on Tuesday, 12 September 2023 14:56 in Security Talk Read 1851 times Read more...
-
Microsoft Finally Reveals how they Believe a Consumer Signing Key was Stollen
Written by Sean KalinichIn May of 2023 a few sensitive accounts reported to Microsoft that their environments appeared to be compromised. Due to the nature of these accounts,…Written on Thursday, 07 September 2023 14:40 in Security Talk Read 2122 times Read more...
-
Mandiant Releases a Detailed Look at the Campaign Targeting Barracuda Email Security Gateways, I Take a Look at What this all Might Mean
Written by Sean KalinichThe recent attack that leveraged a 0-Day vulnerability to compromise a number of Barracuda Email Security Gateway appliances (physical and virtual, but not cloud) was…Written on Wednesday, 30 August 2023 16:09 in Security Talk Read 2098 times Read more...
-
Threat Groups Return to Targeting Developers in Recent Software Supply Chain Attacks
Written by Sean KalinichThere is a topic of conversation that really needs to be talked about in the open. It is the danger of developer systems (personal and…Written on Wednesday, 30 August 2023 13:29 in Security Talk Read 1890 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 116522 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 87469 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 82026 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 80334 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 70987 times Read more...
Displaying items by tag: Malware
New LinkedIn phishing email making the rounds
It seems that LinkedIn cannot catch a break. After a rather large data breach that resulted in the theft of a large number of user account information (including unsalted passwords protected by an outdated encryption scheme) there is now a new phishing email making the rounds that is aimed specifically at LinkedIn users. Although phishing emails that target users of social networks are nothing new this one is the first that we have seen that targets LinkedIn users and also appears to be sent directly to LinkedIn user email addresses.
New Trojan found for Android based phones
The Russian team from Dr. Web today announced they have spotted a new Trojan for Android, which they named Android, well TheAndroid.DDoS.1.origin. It's not clear how the Trojan spreads - it is assumed that the authors use social engineering; affected users thought that they were installing legitimate software from Google on their smartphones. This is a very common tactic in the relatively open Google Play store and has been one of the problems that both Apple and Microsoft have used against Google in their battle for smartphone supremacy.
Summary of malicious software in the 2012 by Kaspersky
Kaspersky Lab has issued an annual report for 2012. This report presents some interesting statistics about malicious software that have marked the past year. The data that was analyzed by the well-known antivirus company using KSN system in the cloud (Kaspersky Security Network) to detect and collect information about attacks, points to more interesting things.
Virus records your phone calls on Android devices
It is no longer a secret that along with the development of operating systems for smart phones, viruses, hacks and other malicious software for them is also developed. We could almost say that the viruses from the computer are moving to mobiles. One of the latest pieces of malicious software that was detected by specialists from CA Technologies is a Trojan horse that is able to record all your phone calls and store them on hacker’s servers.
SMS spammers fined 440,000 pounds
Two spammers from Great Britain have received a large penalty for sending spam to mobile phones, according to the BBC. They were given a penalty in the amount of 440,000 pounds. The duo was emitting around 840,000 texts daily through the company they founded to recipients who without a doubt did not want to receive those messages. They "wasted" about 70 SIM cards daily that were connected through the device to the computer and then they used them to spam the messages until they used all available limits.
Fake Apple apps hit Google Play
It is not hard to find false or malicious applications in Google's application store Play and every once in a while they get even more interesting. This time, they were applications that were made to look like they were from the iLife and iWork suites, whose editor was, neither more nor less than - Apple Inc..
Google Play reaches 700,000 apps
According to Bloomberg, Google's application store (Google Play) has grown to over 700,000 titles. Hereby, Apple has lost the advantage according to the number of applications available for the platform, and is now tied with Google. The Android giant has certainly done some work to improve their numbers, like publishing guides for developers on how to develop the games specifically for Android, or just port them to it from other platforms.
Facebook has started to delete fake accounts
Looking at the picture below you are probably thinking “Whoa! Way to go Adele!” but that's not what is this post about. Apparently Facebook has started to massively delete fake accounts, and by those numbers it certainly looks like they have got their hands full. One of most impressive falls is Zyngas's Texas HoldEm Poker, they lost over 96000 fans after this operation started. Illegitimately created accounts, malware likes, or likes from compromised accounts are being removed.
Samsung Galaxy S3 remote reset hack
It looks like there is a simple hack, containing of only one line of code that can start an unstoppable factory reset on the Samsung Galaxy S3. According to security researchers there is a simple USSD (Unstructured Supplementary Service Data) code that can do some serious harm to S3 owners. USSD is a session based GSM protocol unlike SMS and MMS, and it is used to send messages between a mobile phone and an application server. With the advancements in technology there are more than few services based on USSD, some of them are social networking apps, mobile banking, prepaid recharge/account balance, even the NFC technology and QR codes.
Microsoft patches Flash bugs in Windows 8
On Friday Microsoft released an update for Flash on Windows 8 to protect their users from hacker attacks that could’ve started long ago since the bugs were here for quite some time. As it was stated about a week ago, Microsoft decided to take care of this bug and provided a patch for it Firday. Even though Flash Player is a product of Adobe, the whole work had to be done by Microsoft because they copied Google's Chrome and implemented Flash Player into their browser, Internet Explorer 10. They announced the implementation in May, saying “By updating Flash through Windows Update, like IE, we make security more convenient for customers.”