Exploit This

Security News, Exploits, and Vulnerabilities.

The Mistakes of Smart Medicine

A technological boom in medicine both encouraged medical institutions to use exclusively information systems in processing data and led to the emergence of new types of technological equipment and personal devices that can be used to interact with traditional systems and networks. This means that the threats that are relevant for them can also be relevant for medical systems.

On the StrongPity Waterhole Attacks Targeting Italian and Belgian Encryption Users

What is most interesting about the StrongPity APT’s more recent activity however, is their focus on users of encryption tools, peaking this past summer. In particular, the focus was on Italian and Belgian users, but the StrongPity watering holes affected systems in far more locations than those two.

Conference Report: HITCON 2016 in Taipei

Hacks in Taiwan Conference (HITCON) 2016 was held on 22 – 23 July 2016 in Taipei, Taiwan. The theme of HITCON Community this year is “Security or Nothing”, focusing on hacking techniques and information security. About 1,500 participants attended to… Read Full Article

Lurk: a danger where you least expect it

While we were researching the malicious program Lurk in early February 2016, we discovered an interesting oddity in how this banking Trojan spreads. From the data we had, it emerged that the users attacked by Lurk also installed the remote administration software Ammyy Admin on their computers.

The Tip of the Iceberg: An Unexpected Turn in the xDedic Story

Last week we reported on the xDedic underground marketplace. The day after, an anonymous source posted the links pointed to a series of pastes on the Pastebin, which in turn contained long lists of IP addresses. The author of the comment mentioned that the list of pastes is related to hacked servers from the xDedic marketplace.

Freezer Paper around Free Meat

Repackaging Open Source BeEF for Tracking and More

Beware of Backdoored Linux Mint ISOs

Background Yesterday a blog post on “The Linux Mint Blog” caught our attention. Apparently criminals managed to compromise a vulnerable instance of WordPress which the project used to run their website. The attackers modified download links pointing to backdoored ISO… Read Full Article

TGIF(P) – Thank god it’s fried phish

There is that expression “TGIF” and I recently noticed that some of my Japanese colleagues/friends would not know what it actually stands for. Spoiler: It commonly means “Thank god it’s Friday” and probably many working people will be able to… Read Full Article

%d bloggers like this: