Recent Posts

Pages: [1] 2 3 ... 10
1
General Software / Re: Mozilla Firefox Quantum
« Last post by hayc59 on Today at 06:20:34 am »
Firefox v62.0.2 Released
Released: September 21, 2018


What's New
• Unvisited bookmarks can once again be autofilled in the address bar (bug 1488879)
• WebGL rendering issues (bug 1489099)
• Updates from unpacked language packs no longer break the browser (bug 1488934)
• Fix fallback on startup when a language pack is missing (bug 1492459)
• Profile refresh from the Windows stub installer restarts the browser (bug 1491999)
• Properly restore window size and position when restarting on Windows (bugs 1489214 and 1489852)
• Avoid crash when sharing a profile with newer (as yet unreleased) versions of Firefox (bug 1490585)
• Do not undo removal of search engines when using a language pack (bug 1489820)
• Fixed rendering of some web sites (bug 1421885)
• Restored compatibility with some sites using deprecated TLS settings (bug 1487517)
• Fix screen share on MacOS when using multiple monitors (bug 1487419)
• Various security fixes

Direct Download: Firefox 62.0.2 for Windows | Fully Localized Versions
More Info: Release Notes
More Info: Build Notes
More Info: Security Advisories
2
Security & Technology News / Ngrok Mining Botnet
« Last post by Antus67 on Today at 03:01:40 am »
By Pierluigi Paganini, September 22, 2018

The Ngrok campaign is unique in terms of its overall sophistication for a Docker-based attack vector.

Specifically, it demonstrates a novel, dynamic and robust operational security model and the ability to detect and attack newly deployed and misconfigured infrastructure.

Additionally, the campaign is sophisticated in seeking to detect, analyse and neutralise other competing crypto-mining malware. Its agile process can be flexed to quickly deal with new entrant-attacks and ensure a full share of the victim’s CPU resources for its activities.

Full article here: https://securityaffairs.co/wordpress/76438/malware/ngrok-mining-botnet.html
3
By Pierluigi Paganini, September 22, 2018

Security experts at ESET have recently observed a surge in activity of DanaBot banking Trojan that was first spotted earlier this year.

DanaBot is a multi-stage modular banking Trojan written in Delphi; the malware allows operators to add new functionalities by adding new plug-ins.

Below are some plug-ins that have been used in previous attacks against Australian banks in May 2018:

• VNC plug-in – establishes a connection to a victim’s computer and remotely controls it
• Sniffer plug-in – injects malicious scripts into a victim’s browser, usually while visiting internet banking sites
• Stealer plug-in – harvests passwords from a wide variety of applications (browsers, FTP clients, VPN clients, chat and email programs, poker programs etc.)
• TOR plug-in – installs a TOR proxy and enables access to .onion web sites

Full article here: https://securityaffairs.co/wordpress/76422/malware/danabot-targets-europe.html
4
By Pierluigi Paganini, September 22, 2018

Bondars was convicted of conspiracy to violate the Computer Fraud and Abuse Act, conspiracy to commit wire fraud, and computer intrusion with intent to cause damage.

“A Latvian “non-citizen,” meaning a citizen of the former USSR who resided in Riga, Latvia, was sentenced to 168 months in prison today for offenses related to his operation of “Scan4you,” an online counter antivirus service that helped computer hackers determine whether the computer viruses and other malicious software they created would be detected by antivirus software, announced Assistant Attorney General Brian A. ” reads the press release published by DoJ.

Scan4you is a VirusTotal-like online multi-engine antivirus scanning service that could be used by vxers to test evasion abilities of their malware against the major antiviruses.

Unlike VirusTotal, Scan4you offered a totally anonymous service to its users; this means that data related to the scans of uploaded files were not shared with the antivirus firms.

Full article here: https://securityaffairs.co/wordpress/76464/cyber-crime/scan4you-operator-sentenced.html
5
By Tara Seals, September 21, 2018 3:45 pm

Many different threat actors are using this crypting service/tool for their operations, possibly buying it from the developer itself.

As bad actors continue to innovate in the area of sandbox evasion, the use of the Delphi programming language to pack malware code has become more and more prevalent. Researchers recently observed several spam campaigns using a specific packer written in Delphi that goes to great lengths to hunt for normal user behavior before deploying its payload.

Delphi is a legitimate integrated development environment (IDE) for rapid application development of desktop, mobile, web and console software, developed by Embarcadero Technologies. FireEye researchers have observed bad actors using it to more easily write malware that leverages Windows API functions to create anti-sandbox features.

Full article here: https://threatpost.com/delphi-packer-looks-for-human-behavior-before-deploying-payload/137609/
6
By Ionut Ilascu



Thousands of WordPress websites have been compromised and injected with JavaScript code that redirects users to tech-support scam pages.

Security researchers discovered that the attacks began in early September and exploited vulnerabilities in outdated plugins.

Jérôme Segura of Malwarebytes says that on the client side he observed a large encoded blurb, typically in the HTML header, or one line of code pointing to external JavaScript code.

Full article here: https://www.bleepingcomputer.com/news/security/thousands-of-compromised-wordpress-sites-redirect-to-tech-support-scams/
7
VoodooShield / Re: VoodooShield v4 STABLE Thread
« Last post by Shmu26 on September 22, 2018, 06:25:12 pm »
Hi might be a stupid question but can rehips be used with voodooshield. Just those 2 with no av's? Thks
Yes, you can use them together. I am a ReHIPS alpha/beta tester, and I haven't seen any conflicts reported, or seen any myself. Of course, every system is different. But since you will not be running an AV, you already took the biggest troublemaker out of the picture.

Please note that you will have a significant amount of overlap, because ReHIPS has a lot of mitigations that are similar to VS. 

If you find any bugs or issues that involve ReHIPS in any way, just log into their forum and tell them about it. :)
8
VoodooShield / Re: VoodooShield v4 STABLE Thread
« Last post by schmidthouse on September 22, 2018, 06:09:30 pm »
From Wilders.....>>>>Honestly, the lock idea is a brilliant thing IMO. Personally I think he should trim it down and offer a basic lock product with few features and almost no false positives. Then have the VS we all know as a corporate product. I'd have a lineup like this;

VLock - A good all around, easy to use, low false positive simple to use computer lock that can run with any security suite as a bonus.
VShield - Corporate focused product. Possibly with a centrally managed portal. (probably required for corporate ecosystem penetration)

I'd ditch the free offering entirely. Offer a 30 day trial on VLock, along with sales/discounts but an entirely paid-only offering. Once everything is solidified and perfected launch a campaign to promote and demonstrate it, attract real investors and make bank.<<<

Dan...something to think about :)

Well that all looks good on paper, however the amount of 'full time' commitment what you lay out is more than "significant" especially if going corporate. This would require a complex marketing and advertising infrastructure not to mention the increased customer support infrastructure that would be needed to supply and service corporate requirements/expectations. And let's not forget R&D time.
A vast amount of time and work imho.
9
VoodooShield / Re: VoodooShield v4 STABLE Thread
« Last post by Schank873-2 on September 22, 2018, 03:08:22 am »
From Wilders.....>>>>Honestly, the lock idea is a brilliant thing IMO. Personally I think he should trim it down and offer a basic lock product with few features and almost no false positives. Then have the VS we all know as a corporate product. I'd have a lineup like this;

VLock - A good all around, easy to use, low false positive simple to use computer lock that can run with any security suite as a bonus.
VShield - Corporate focused product. Possibly with a centrally managed portal. (probably required for corporate ecosystem penetration)

I'd ditch the free offering entirely. Offer a 30 day trial on VLock, along with sales/discounts but an entirely paid-only offering. Once everything is solidified and perfected launch a campaign to promote and demonstrate it, attract real investors and make bank.<<<

Dan...something to think about :)
10
Security & Technology News / Homebuyers Being Targeted by Money Transfer Scam
« Last post by Antus67 on September 22, 2018, 01:56:54 am »
By Pierluigi Paganini, September 21, 2018

Money Transfer Scam – Scammers hack the victims’ email accounts, monitor conversations between the buyers and title agents, send instructions on where to wire the money.

A new homebuyer moves through a period of vulnerable transition as they invest in their future. This sensitive stage — a confusing flurry of representatives, documentation and planning — represents an attractive target for con artists with ill intentions. Some choose to capitalize on homebuyers’ ignorance.

The con in question is a money transfer scam with all the likeness of a typical transaction. Scammers hack the email accounts of their victims and monitor conversations between the buyers and title agents. Toward the close of the interaction, the scammers will send false instructions on where to wire the money.

Full article here: https://securityaffairs.co/wordpress/76412/cyber-crime/money-transfer-scam.html