-
Recently our team discovered two very interesting tools published on GitHub by security researchers Michele Orrù and Giuseppe Trotta. Muraena is an almost transparent reverse proxy capable of proxying the victim through to the legitimate target website while harvesting credentials and cookies, and in most cases allowing 2FA flows to complete. (source) Necrobrowser is…
-
This week it was reported that the 1000MW Kudankulam Nuclear Power Plant (KKNPP), owned by the Nuclear Power Corporation of India, had been hit by a cyber-attack. Two generators were taken offline. The company initially denied that an attack had taken place; however, shortly afterwards, it confirmed that one of its internet-connected administrator PCs was…
-
Earlier this week, the UK’s National Cyber Security Centre (NCSC) and the USA’s National Security Agency (NSA) revealed that the Russian hacker group widely known as Turla had been using the Iranian APT Oilrig’s tools and infrastructure to target victims for its own ends. The researchers came to this conclusion when investigating an attack that…
-
The environmental campaign group Extinction Rebellion began a new series of well-publicised protests on 7 October, when thousands of demonstrators gathered in major cities around the world, demanding government action to combat climate change. The speed with which the Extinction Rebellion movement has grown is startling. It was launched in October 2018 by Roger Hallam…
-
Huge street demonstrations have been taking place in Hong Kong since June this year. The protests began after Carrie Lam, the leader of the semi-autonomous territory, announced a new law that would allow Hong Kong citizens suspected of various crimes to be extradited to mainland China. In response to the demonstrations, Lam initially shelved the…
-
On 29 July it was reported that Capital One had been hit by a cyber-attack, resulting in the theft of data belonging to 106 million of its customers in the United States and Canada. Virginia-based Capital One is the third largest credit card issuer in the US: with the number of people impacted by the…
-
Introduction Over the course of three days (12 – 15 August 2019) we monitored the public submissions of three popular online sandbox services. These services allow anyone to upload a file and then generate a report about what happens when the file is opened; they then give an indication as to whether the file is…
-
A serious cyber attack came to light earlier in July, when hacker groups DigitalRevolution and 0v1ruS claimed responsibility for hacking, defacing and leaking data from SyTech, a contractor for the Federal Security Service of the Russian Federation (FSB). SyTech has been working with the FSB since 2009; it has contributed to a range of projects,…
-
Some of our recent blog articles have focused on how we can protect our personal data, or that of our children. In this post we will look at the question of cyber security when travelling abroad and using mobile devices. After all, both business and leisure travellers are unlikely to visit other countries without taking…
-
That more and more of our personal data is collected and shared – whether we are aware of it or not – is hardly a new insight: concerns about privacy continue to hit the headlines, even as stringent new laws and regulations come into force around the world. What is particularly interesting, however, is that…
-
We recently analysed an interesting new dotNet banker from Brazil. The malware is not particularly sophisticated and only reveals itself under certain conditions. Further, it contains no obfuscation, making the analysis reasonably simple. Delivery The malware was being delivered via email, utilising a very simple exe loader contained inside a zip file. This requires the…
-
As more business and leisure travellers take their mobile phones and laptops abroad with them, the issue of personal data privacy has become increasingly controversial. Apart from the invasive questions asked on visa application forms, and the requirement to provide biometric data such as fingerprints, border officials in some countries are now demanding that some…