Exploit News, Articles and Updates

We're not suggesting you should hack cyberattackers back. But if we were...

The C&C infrastructures that cybercriminals rely on to compromise their victims can be just as vulnerable to exploits as the machines they infected in the first place, making them susceptible to possible retribution attacks.

WikiLeaks: CIA's Brutal Kangaroo toolset lets malware hop onto closed networks

WikiLeaks dumped more leaked CIA documents, publishing materials from a tool suite called Brutal Kangaroo that allows attackers to indirectly infiltrate a closed network or air-gapped computer using a compromised flash drive.

AdGholas malvertisers experiment with ransomware, delivered through Astrum EK

The AdGholas malvertising group conducted a new campaign in May and June 2017 using the Astrum EK to infect victims with Mole ransomware - an unusual change-up for these adversaries, who historically have favored banking trojans.

Terror Exploit Kit ditches carpet bombing techniques; attacks now more surgical

The Terror Exploit Kit is rapidly evolving, no longer bombarding victims with multiple exploits in scattershot fashion, but rather applying only the hacking tools that work best against a specific compromised machine.

Shadow Brokers threatens monthly leak of more NSA tools to monthly subscribers

The Shadow Brokers group that has been leaking alleged NSA hacking tools is now threatening to launch a "Dump of the Month" service that will deliver more stolen tools and data to paying subscribers.

FBI, CIA launch probe into WikiLeaks; Apple, Google assure zero-day fixes

The information released has yet to be verified but revealed multiple zero days that Apple and Google said are being fixed.

20K Overwatch hackers banned in S. Korea

Overwatch players can rest easier knowing that they can get a fair shake in their online battles after thousands of hackers were banned from the game.

ElTest malware campaign changes tactics, scraps use of gates and obfuscation

The long-lived ElTest malware campaign that infects victims through compromised websites evolved once again in the last quarter of 2016, ending its use of exploit kit gates and obfuscation, according to researchers with Palo Alto Networks' Unit 42 threat research team.

Sofacy APT doubles down on its 'DealersChoice' Flash exploit campaign

Russian APT group Sofacy has upped the ante in its campaign to compromise organizations with its "DealersChoice" Flash Player exploit tool, even after Adobe patched a key Flash vulnerability that the tool was observed exploiting.

Stegano malvertising campaign invades major news websites, warns report

A recently discovered exploit kit called Stegano is infecting select machines via malicious banner ads that, by conservative estimates, have been delivered to over a million users in just the last two months.

Gooligan ad fraud malware infects 1.3M Android users

A newly discovered malware program that targets older versions of the Android OS has infected roughly 1.3 million Google accounts, currently breaching devices at a clip of 13,000 victims per day.

Qualcomm launches bug bounty programme to find chip flaws

White hat hackers are invited to squash bugs in processors from chip vendor Qualcomm in a bid to fix the "Achilles heel" of the IT industry.

Linux flaw exposed in a minute by pressing enter key

Researchers have discovered a major vulnerability in the cryptsetup utility that can affect many GNU/Linux systems and is triggered simply by holding down the Enter key for about 70 seconds.

This is PoisonTap, Kamkar tool can hack locked PCs

Security researcher Samy Kamkar rolled out a hacking tool dubbed PoisonTap that can crack into a locked computer, fully exposing the device to a myriad of potential hacking problems.

PwnFest hackers exploit vulns in Google Pixel, Safari, and Microsoft Edge

Researchers exploited vulnerabilities in Google's Pixel phone, Apple's Safari browser, and Microsoft Edge browser at the PwnFest 2016 hacking event.

Floki Bot: The Rest of the Story

Last week we took the 100,000-foot view of the relatively new Floki Bot. This bot, allegedly modeled after Zeus 2.0.8.9, is selling in underground marketplaces for around $1,000.

Google and Microsoft in dust-up over vulnerability disclosure

Ten days after privately disclosing an actively exploited, critical Windows vulnerability to Microsoft Corporation, Google's Threat Analysis Group went public with the flaw, despite the lack of a patch.

Zero days used in attacks on DNC, Podesta

Russian hackers are employing zero-day exploits to infect target networks, according to security researchers at ESET.

Researchers discover exploit of Intel flaw allows ASLR bypass

Security researchers published details of the exploit in a research report entitled "Jump Over ASLR: Attacking the Branch Predictor to Bypass ASLR."

Oracle issues large batch of updates

Oracle released its latest batch of patches on Tuesday to address 253 security vulnerabilities for 76 products.

Nearly 6K e-commerce sites hacked, including GOP group

Hackers exploited security vulnerabilities and weak passwords to burrow their way into a number of e-commerce sites, including that of the National Republican Senatorial Committee.

Linux-run IoT devices under attack by NyaDrop

Internet of Things (IoT) devices running on the open-source Linux OS are under attack from NyaDrop.

Researcher pressured to limit big reveal of Big Blue flaw

An Italian researcher who discovered a bug in IBM WebSphere and then worked with the company for two months on fixing the flaw had his research censored by Big Blue.

European ATM cyberattacks up 28%, those using dynamite up 30%

The increasing security provided by EMV payment cards, or chip cards, may be compelling European criminals to eschew the use of malware in favor of explosives to steal money from ATMs.

Ascesso malware spreading via student loan forgiveness spam

The bad actors behind a new malware contagion are exploiting the desperation of American college graduates looking for relief from their student debt.

Blockchain hit with DNS attack

Blockchain.info, a popular Bitcoin wallet provider, was knocked offline for seven hours on Thursday after a domain name system (DNS) attack.

Brazil hotbed of financial fraud, report

Brazil has emerged as a primary center of financially motivated e-crime threat activity.

Matrix SSL patched for heap overflow and other bugs

A patch addressed a heap overflow, an out-of-bounds read, and a free of unallocated memory.