Meet the World’s Biggest ‘Bulletproof’ Hoster
For at least the past decade, a computer crook variously known as “Yalishanda,” “Downlow” and “Stas_vl” has run one of the most popular “bulletproof” Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers. What follows are a series of clues that point…
Zoom RCE vulnerability also affects RingCentral and Zhumu
I’ve already written something about Zoom vulnerabilities (CVE-2019-13576, CVE-2019-13586) in my WeeklyRoundup, but today the security researcher Karan Lyons, has published a new video confirming that the same RCE flaw is exploitable also in RingCentral and Zhumu (a chinese rebrand of Zoom) for macOS users. The Zoom conferencing app contained…
The Great Hack: a Netflix documentary about the Cambridge Analytica scandal
The Great Hack covers the revelation that political consulting firm Cambridge Analytica secretly collected 87 million Facebook users’ data. The Great Hack starts with a light recap of the Cambridge Analytica scandal, enhanced with shimmering graphics that represent people’s data leaking from their phones and laptops. Then it jumps back…
Is ‘REvil’ the New GandCrab Ransomware?
The cybercriminals behind the GandCrab ransomware-as-a-service (RaaS) offering recently announced they were closing up shop and retiring after having allegedly earned more than $2 billion in extortion payments from victims. But a growing body of evidence suggests the GandCrab team have instead quietly regrouped behind a more exclusive and advanced…
Critical Vulnerability Patched in Ad Inserter Plugin
Description: Authenticated Remote Code Execution Affected Plugin: Ad Inserter Affected Versions: <= 2.4.21 CVSS Score: 9.9 (Critical) CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H On Friday, July 12th, our Threat Intelligence team discovered a vulnerability present in Ad Inserter, a WordPress plugin installed on over 200,000 websites. The weakness allowed authenticated users (Subscribers and…
Media File Jacking: WhatsApp and Telegram media files can be manipulated from attackers
According to a research published by Symantec, on Android systems attackers can manipulate media files transferred by users through the WhatsApp and Telegram messaging applications due to the way the Android operating system allows apps to access files in external storage. The attack method, dubbed “Media File Jacking” allows a…
Raspberry Pi Alternatives: 10 Single-Board Computers Worthy of Hacking Projects Big & Small
The $35 Raspberry Pi is an amazingly useful single-board computer (SBC) with a good balance of price, performance, and connectivity options. But for some projects, it just isn't enough. Whether you need more computing power, a smaller size, or better machine-learning capabilities, there are other options available. For those unfamiliar,…
Podcast Episode 29: iThemes Security Creator Chris Wiegman on Flying, Plugins & Developer Tools
At WordCamp Atlanta, Mark sat down with Chris Wiegman, the creator of Better WP Security. Now known as iThemes Security, it is installed on over 900,000 WordPress sites. Chris talks about his experiences as a flight captain flying over the Hawaiian islands and what happened when an earthquake occurred shortly…
Details of the Cloudflare outage on July 2, 2019
Almost nine years ago, Cloudflare was a tiny company and I was a customer not an employee. Cloudflare had launched a month earlier and one day alerting told me that my little site, jgc.org, didn’t seem to have working DNS any more. Cloudflare had pushed out a change to its…
CVE-2019-1132: a Windows Zero-Day exploited by Buhtrap Group in espionage campaigns
According to experts at ESET, the Windows zero-day vulnerability CVE-2019-1132 was exploited by the Buhtrap threat group in a targeted attack aimed at a government organization in Eastern Europe. TL;DR Keep your system up-to-date! The vulnerability The CVE-2019-1132 affects the Win32k component and could be exploited to run arbitrary code…
New version of FinFisher spyware used to spy on iOS and Android users in 20 countries
Malware researchers from Kaspersky have discovered new and improved versions of the FinFisher spyware, able o infect both Android and iOS devices. According to the experts, the new versions have been active at least since 2018, one of the samples analyzed was used last month in Myanmar, where local government…
FEC: Campaigns Can Use Discounted Cybersecurity Services
The U.S. Federal Election Commission (FEC) said today political campaigns can accept discounted cybersecurity services from companies without running afoul of existing campaign finance laws, provided those companies already do the same for other non-political entities. The decision comes amid much jostling on Capitol Hill over election security at the…
‘Agent Smith’ malware has infected Android apps on 25 million devices
According to security firm Check Point, a newly discovered Android malware that replaces portions of apps with its own code has infected more than 25 million devices. The malware doesn’t steal data from a user. Instead, it hacks apps and forces them to display more ads or takes credit for…
The Network is the Computer: A Conversation with Greg Papadopoulos
I spoke with Greg Papadopoulos, former CTO of Sun Microsystems, to discuss the origins and meaning of The Network is the Computer®, as well as Cloudflare’s role in the evolution of the phrase. During our conversation, we considered the inevitability of latency, the slowness of the speed of light, and…
The Network is the Computer: A Conversation with John Gage
To learn more about the origins of The Network is the Computer®, I spoke with John Gage, the creator of the phrase and the 21st employee of Sun Microsystems. John had a key role in shaping the vision of Sun and had a lot to share about his vision for…