Recent Posts

Operation Lonely Guy: Iranians Use Cute Girl Profile to Cultivate, Compromise Targets in Middle East

Hackers working on behalf of the government of Iran are using alluring social media profiles featuring a young, English photographer to entice and then compromise the systems of high value targets in the oil and gas industry, according to a report by Dell Secureworks. In a report released on Thursday, Secureworks’ Counter Threat Unit (CTU) said that it observed an extensive phishing campaign beginning in January and February 2017 that used a polished social media profile of a young, English woman using the name “Mia Ash” to conduct highly targeted spear-phishing and social engineering attacks against employees of Middle Eastern and North Africa firms in industries like telecommunications, government, defense, oil and financial services.  The attacks are the work of an advanced persistent threat group dubbed COBALT GYPSY or “Oil Rig” that has been linked to other sophisticated attacks. The attacks, which spread across platforms including LinkedIn and Facebook, as […]

Continue Reading

At BlackHat: Hell is Other People’s Machine Learning

In-brief: Machine learning is all the rage in the information security industry. But a study by Endgame and University of Virginia suggests that it may be vulnerable to manipulation by sophisticated AI-driven tools.

Continue Reading

Update: WHISTL Labs will be Cyber Range for Medical Devices

In-brief:  A global federation of labs will test the security of medical devices, according to an announcement on Monday by a consortium of healthcare industry firms, universities and technology firms. (Updated with comments from Dr. Nordenberg. PFR 7/25/2017)

Continue Reading

German Electronics Store Sued for Selling Un-Patchable Android Phones

In-brief: That’ll be $99, or $150 without the vulnerabilities! A lawsuit in Germany is trying to force stores to come clean about security holes in the products they sell to consumers. 

Continue Reading

AlphaBay, the Largest Online “Dark Market,” Shut Down | Department of Justice

The Justice Department on Thursday said that it shut down AlphaBay, what it described as “the largest criminal marketplace on the internet,” more than two weeks after the market went dark. The site was used to sell a wide range of contraband to a customer base of some 200,000 individuals worldwide, the DOJ said in a statement. Among the products for sale were illegal drugs, stolen and fraudulent identification documents and access devices, counterfeit goods, malware and other computer hacking tools, firearms, and toxic chemicals, DOJ said. The announcement follows news of the arrest and subsequent death in custody of Alexandre Cazes, who is identified as the creator and administrator of AlphaBay. Cazes was charged in an indictment filed in the Eastern District of California on June 1, on counts ranging from conspiracy to engage in racketeering, to distribution of narcotics to identity theft and trading in false identity documents. FBI […]

Continue Reading
1 143 144 145 146 147 397