APT28 Targets Cybersecurity Experts in Latest Spy Campaign
The payload allows screenshot capture, data and configuration exfiltration, remote code execution and file downloading.
Month: October 2017
Fake Cryptocurrency Trading Apps Harvest Credentials and Steal Cash
The apps steal Poloniex login credentials, and trick victims into making their Gmail accounts accessible.
US Government Warns CNI Firms of Dragonfly Attacks
New campaign focused on stealing ICS and SCADA data
Reaper Botnet Has Come for the Internet
Reaper is much bigger and more sophisticated than Mirai—and it’s still just a baby.
US Consumers Willing to Trade eCommerce Convenience for Security
Survey contradicts the widely-held belief that consumers value convenience and experience over security.
FBI Seeks DDoS Attack Evidence from Victims
The FBI has requested that US victims of DDoS attacks share the details of the experience
25% of Mail Claiming to Be from Federal Agencies is Fraudulent
As mandate comes down, 82% of federal domains lack DMARC for email security, and have 90 days to implement it.
Domino’s Australia Blames Former Supplier for Info Leak
Customers complain of personalised spam from company
UK Cybercrime Falls but Stats Are Still Shaky
ONS figures show 1.6 million incidents of computer misuse
Kali on KRACK
WPA2 Key Reinstallation AttaCK or KRACK attack
Recently, Mathy Vanhoef of imec-DistriNet, KU Leuven, discovered a serious weakness in WPA2 known as the Key Reinstallation AttaCK (or KRACK) attack. Their overview, Key Reinstallation Attacks: Breaking WP…