Clik here to view.
What grade does your favorite app get?
Forbes'Parmy Olson published a short article about PrivacyGrade on Tuesday. What is PrivacyGrade?From PrivacyGrade's FAQ:The goal of PrivacyGrade.org is to help raise awareness of the behaviors that...
View ArticleClik here to view.
OnionDuke: APT Attacks Via the Tor Network
Recently, research was published identifying a Tor exit node, located in Russia, that was consistently and maliciously modifying any uncompressed Windows executables downloaded through it. Naturally...
View ArticleVideo: R.I.P. Internet #Slush14
Mikko gave an excellent presentation at Slush 2014 on Tuesday. Check it out!R.I.P. InternetAdditional Slush videos are available on YouTube. On 20/11/14 At 12:46 PM
View ArticleClik here to view.
The Regin Espionage Toolkit
Regin is the latest in the line of sophisticated espionage toolkits used to target a range of organizations around the world. As already reported, it's one of the more complex pieces of malware...
View ArticleOut-of-Band Flash Player Update for CVE-2014-8439
Adobe has released an out-of-band update to fix a vulnerability in Flash Player which was reported by F-Secure.We discovered the vulnerability while analyzing a Flash exploit from an exploit kit...
View ArticleClik here to view.
Warning: State-Sponsored Attackers
Updated our door today, just to be clear…Print your own.On 28/11/14 At 05:09 PM
View ArticleClik here to view.
The United Kingdom's ISC on Privacy
From the Intelligence and Security Committee of Parliament's Report on the intelligence relating to the murder of Fusilier Lee Rigby:"We further note that several of the [US Communications Service...
View ArticleClik here to view.
Who hacked Sony Pictures Entertainment and why?
If you haven't kept up with the news about Sony Pictures Entertainment's breach, you really should catch up. Now. It's fast becoming the worst hack any company has ever publicly suffered.Reuters:...
View ArticleClik here to view.
The Internet is on Fire
I spoke at the TEDxBrussels event last week, and the video has now been made available. This was the third time I spoke at TEDxBrussels. You can find the previous talks from here and here.In the talk I...
View ArticleClik here to view.
Hackerstrip
Hackerstrip is an online cartoon that features real Hackers like Xylitol, Charlie Miller and Chris Valasek. Their tagline is "Real Stories - Real Hackers".Hackerstrip was started by Ravi Kiran. The...
View ArticleClik here to view.
White Papers: W32 & W64/Regin, Stage #1
Now available: white papers on Regin's stage 1 components.Senior Researcher Paolo Palumbo has been busy since November 23rd converting his Regin notes into white papers.These are meant be to a...
View ArticleClik here to view.
Mysterious Turla Linux Backdoor Also For Solaris?
There have been numerous reports about the mysterious Linux backdoor connected to Turla, an APT family. The malware has some pretty interesting features, the most interesting being its ability to...
View ArticleClik here to view.
Archie and Astrum: New Players in the Exploit Kit Market
Exploit kits continue to be a critical tool for the propagation of crimeware. New exploit kits have appeared this year, and this post will discuss two of them — Archie and Astrum.Archie EK was first...
View ArticleClik here to view.
OphionLocker: Joining in the Ransomware Race
Last August, we blogged about a series of Ransomware that included SynoLocker and CryptoWall. In our Cryptowall blogpost, we briefly mentioned the more advanced family of ransomware CTB-Locker, which...
View ArticleClik here to view.
Who do you trust?
Normally when we post a video, it's of somebody that you know quite well (Mikko). But today… we'd like to post a video of somebody that you might not know and who speaks highly of us (here in the...
View ArticleClik here to view.
False Positive: Exploit:JS/HuanJuanEK.A
We've just fixed a false positive that detected content from many clean websites as Exploit:JS/HuanJuanEK.A. The database that contained the false positive prone detection was F-Secure Hydra...
View ArticleClik here to view.
The Connections Between MiniDuke, CosmicDuke and OnionDuke
In September, we blogged about CosmicDuke leveraging timely, political topics to deceive the recipient into opening the malicious document. After a more detailed analysis of the files we made two...
View ArticleOne Definitive Prediction For 2015
As Carl Sagan used to say, extraordinary claims require extraordinary evidence. And recently, the public has been asked to believe one particularly extraordinary claim: that North Korea attacked Sony...
View ArticleClik here to view.
The Conscience of a Hacker
The Conscience of a Hacker — written just over 29 years ago.It could have been written yesterday. Read the rest here.More context here. On 14/01/15 At 06:44 PM
View ArticleClik here to view.
Security and Military Experts Fall For "Open" Wi-Fi
Seems like just about everybody will use "open" Wi-Fi — even Swedish security experts.#FacepalmA case of do as I say, not as I do?From Ars Technica: Activist pulls off clever Wi-Fi honeypot to protest...
View Article