WPA2 security flaw puts almost every Wi-Fi device at risk of hijack, eavesdropping

A security protocol at the heart of most modern Wi-Fi devices, including computers, phones, and routers, has been broken, putting almost every wireless-enabled device at risk of attack. The bug, known as "KRACK" for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. Mathy Vanhoef, a computer security academic, who found the flaw, said the weakness lies in the protocol's four-way handshake, which securely allows new devices with a pre-shared password to join the network. That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream. In other words: this...

Read more »

Here is every patch for KRACK Wi-Fi attack available right now

Monday morning was not a great time to be an IT admin, with the public release of a bug which allowed WPA2 security to be broken. As reported previously by ZDNet, the bug, dubbed "KRACK" -- which stands for Key Reinstallation Attack -- is at heart a fundamental flaw in the way Wi-Fi Protected Access II (WPA2) operates. The security protocol, an upgrade from WPA, is used to protect and secure communications between everything from our routers, mobile devices, and Internet of Things (IoT) devices, but there is an issue in the system's four-way handshake which permits devices with a pre-shared password to join a network. According to security researcher Mathy Vanhoef, who discovered the flaw, threat actors can leverage the vulnerability...

Read more »

Shadow Brokers Release Windows Malware that can Steal Keystrokes and Record Audio to its Paid Subscriber

Paid subscribers of Shadow Brokers’ monthly subscription can now gain complete access to your PC/laptop and steal your passwords and chats The hacking group named SHADOW BROKERS, which was responsible for the NSA leaks earlier. is back with another NSA hacker kit. This time however, the leak is only available for the users with its “monthly subscription”.In their latest release, SHADOW BROKERS have released a malware dubbed UNITEDRAKE. It is a remote access and control tool with “plug-ins” that can target WINDOWS based systems enabling the hacker with full control over their victim's system.UNITEDRAKE is compatible with systems running on Microsoft Windows XP, Vista, 7, 8 up to Windows Server 2012. It first came to light in 2014 as a part...

Read more »

Millions of Android phones could be tracked with ultrasonic spying tool

Researchers discovered 234 Android apps that could be spying on users CREDIT: GOOGLE Hundreds of Android apps could be covertly tracking users via inaudible sounds emitted by nearby devices, researchers have found.  Researchers discovered technology that lets devices talk to one another for tracking purposes using ultrasonic tones on 234 Android apps.  Televisions, billboards, websites and shops can emit the high frequency sounds, which can't be heard by humans but are picked up by the apps. This signals whether a person has engaged with an advert by watching it, or visited a shop, and how long for.  Apps featuring the technology include those from McDonald's and Krispy Kreme....

Read more »

Check if you were hit by the massive 'Avalanche' cybercrime ring

SAN FRANCISCO — The U.S. government has posted links for free scanning programs so companies and individuals can check their computers to make sure they weren't victims of a massive, international cyber criminal operation that was taken down Thursday after a four-year investigation. “This is probably the biggest operation that law enforcement has ever done against cyber crime,” said Catalin Cosoi, chief security strategist with BitDefender, one of the dozens of companies worldwide that worked with law enforcement to attack the group. The U.S. Computer Emergency Readiness Team (US_CERT) has posted links to five scanners on its site. Europol has also posted a list of sites in multiple languages for potentially infected users. The malware only affects systems running the Microsoft...

Read more »

GM Bot (Android Malware) Source Code Leaked Online

The source code of a recently discovered Android banking Trojan that has the capability to gain administrator access on your smartphone and completely erase your phone's storage has been LEAKED online. The banking Trojan family is known by several names; Security researchers from FireEye dubbed it SlemBunk, Symantec dubbed it Bankosy, and last week when Heimdal Security uncovered it, they dubbed it MazarBot. All the above wave of Android banking Trojans originated from a common threat family, dubbed GM Bot, which IBM has been tracking since 2014. GM Bot emerged on the Russian cybercrime underground forums, sold for $500 / €450, but it appears someone who bought the code leaked it on a forum in December 2015, the IBM X-Force team reported. What is GM Bot and Why Should You...

Read more »

Facts About Remote Access Trojans (RATs) vs AlienSpy

AlienSpy is the latest in a family of RATs which target both consumers and enterprises in a bid to steal valuable data and compromise systems. Remote Access Trojans (RATs) never fully vanish; instead, they are often recycled and redeveloped in the changing cybersecurity landscape. These kinds of Trojans, often deployed through phishing campaigns which use spoof emails and malicious files to deliver malware payloads, can be tailored to target particular industries -- such as banking or manufacturing -- or be used indiscriminately against both consumers and businesses. In a security advisory (.PDF) posted Thursday, security firm Fidelis said the newly-discovered AlienSpy Trojan is currently being used in international phishing campaigns against both consumers and the enterprise,...

Read more »

TOP 20 MALICIOUS IP - Weekly Threat Report – December 16, 2014

104.194.4.89103.41.124.31198.13.96.59203.196.162.162121.127.248.230222.186.51.140213.149.0.23093.89.237.11438.72.115.193222.186.51.140103.41.124.4261.160.224.12883.3.193.23894.214.238.20847.16.90.49221.226.35.154212.7.192.13862.210.178.4298.109.76.3693.174.95...

Read more »