Month: May 2019

Private equity firm Insight Partners has acquired a controlling stake in Recorded Future, a threat intelligence firm based in Somerville, Mass., for $780 million. Founded in 2009, Recorded Future employs machine learning techniques to generate threat intelligence and provide a comprehensive view of the threat landscape. Early investors in the company include Google’s venture arm,
Insight Venture Partners has agreed to acquire a controlling interest in Recorded Future, a threat intelligence company, in addition to the minority stake it already owns. The all-cash transaction puts the value of Recorded Future at more than $780 million. According to its press release, Recorded Future is the largest privately held threat intelligence software company
By John E Dunn. One of computer security’s special frustrations is the phenomenon of malware that keeps re-infecting a system no matter how many times defenders think they’ve cleaned it. This was the puzzle that recently confronted Sophos Support when it was called in to investigate the mystery of an internet-facing Apache Tomcat web server
McAfee Advanced Threat Research recently released a blog detailing a vulnerability in the Mr. Coffee Coffee Maker with WeMo. Please refer to the earlier blog to catch up with the processes and techniques I used to investigate and ultimately compromise this smart coffee maker. While researching the device, there was always one attack vector that
ESET researchers analyze new TTPs attributed to the Turla group that leverage PowerShell to run malware in-memory only. Turla, also known as Snake, is an infamous espionage group recognized for its complex malware. To confound detection, its operators recently started using PowerShell scripts that provide direct, in-memory loading and execution of malware executables and libraries.
Cyberwarfare is computer- or network-based conflict involving politically motivated attacks by a nation-state on another nation-state. In these types of attacks, nation-state actors attempt to disrupt the activities of organizations or nation-states, especially for strategic or military purposes and cyberespionage. Although cyberwarfare generally refers to cyberattacks perpetrated by one nation-state on another, it can also
Cybersecurity researchers at Guardicore Labs today published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide. Dubbed Nansh0u, the malicious campaign is reportedly being carried out by an APT-style Chinese hacking group that has already infected nearly 50,000 servers and is installing a sophisticated kernel-mode rootkit on compromised
Netflix’s chief content officer Ted Sarandos said the streaming service (which is spending billions of dollars on an ever-growing catalog of original content) will “rethink [its] whole investment in Georgia” if a recently-signed abortion law goes into effect. Sarandos’ statement was first published in Variety. The industry publication said it reached out to the major studios
Cryptopia, an exchange that was hacked and subsequently went into liquidation in May, has filed for bankruptcy protection in the United States. Grant Thornton will be handling the preservation of the data stored and hosted on servers with an Arizona-based firm, according to Yahoo News. The bankruptcy court in the Southern District of New York issued an
Nearly 1 million Windows systems are still unpatched and have been found vulnerable to a recently disclosed critical, wormable, remote code execution vulnerability in the Windows Remote Desktop Protocol (RDP)—two weeks after Microsoft released the security patch. If exploited, the vulnerability could allow an attacker to easily cause havoc around the world, potentially much worse
It is not uncommon for a corporate perimeter security strategy to be based on a series of appliances. Intrusion prevention devices, next-generation firewalls (NGFWs) and application firewalls are part and parcel of a multi-tier security perimeter. Deploying multiple physical devices, however, can be a logistical nightmare; as a consequence, security functions are good candidates for
Most IT security professionals believe GDPR non-compliance is commonplace, as the landmark data protection legislation turns one tomorrow, according to Infosecurity Europe. Over 6400 industry practitioners responded to a Twitter poll run by the leading cybersecurity event, which runs from June 4-6. Some 68% said they thought many organizations have likely not taken the GDPR
An anonymous hacker with the online alias “SandboxEscaper” today released proof-of-concept (PoC) exploit code for a new zero-day vulnerability affecting the Windows 10 operating system—that’s his/her 5th publicly disclosed Windows zero-day exploit [1, 2, 3] in less than a year. Published on GitHub, the new Windows 10 zero-day vulnerability is a privilege escalation issue that could