Silensec Newsletter

Top News

Patreon attackers drop data, expose users

 The attackers that compromised Patreon have dumped the data on various bin sites.

It's perhaps a small irony that one of the dumps has landed on Mega, the Kim Dotcom-founded file-store that calls itself “The Privacy Company”. With 15 GB of data in the drop, there could be a lot of personal details in the leak (Vulture South is happy to leave it to others to pore over the data). Since site source code is apparently included among the compromised data – as Patreon explained, the data leak happened because a debug version of the site ended up outside the firewall – there's a risk that the site's code might help attackers recover the bcrypt-hashed data. Read more...



VBA malware is back!

 VBA malware is far from dead. In fact, as Sophos researchers recently noted, approximately 50 to 100 new VBA malware samples are spotted each day.

For those who don't know, VBA (Visual Basic for Applications) is Microsoft's implementation of Visual Basic that's built in many of its software, including its Office suite, and is used for automating tasks. Unfortunately, if the VBA code is malicious and is inserted in, for example, a Word file, it will execute automatically once the file is opened.



Top News

'RipSec' goes to Hollywood: how the iCloud celeb hack happened

The chief hacker behind the infamous iCloud celebrity hacks has revealed in a documentary how the group dubbed RipSec shook Hollywood by plundering thousands of photos and financial data of Tinsel Town icons.

The hacker broke silence and spoke to Canadian tech and producer Travis Doering who provides information security consultancy services to film producers, Hollywood stars, and businesses. Doering told Vulture South he obtained access to the secretive group and says he was able to establish the real identities of some of the iCloud hackers. Read more...



SIX MILLION fingerprints of US govt workers nicked in cyber-heist

 The fingerprints of nearly six million US government workers were copied by hackers who raided Uncle Sam's Office of Personnel Management (OPM).

The OPM said on Wednesday that figure should be 5.6 million.

A good number of these prints will belong to government employees who have applied for security clearances. The agency said it had found evidence of the latest theft when it was checking over records with the Department of Defense as part of the post-attack forensics. Why this took three months to spot has not been explained. Read more...


Top News

California Hackers Said to Hit Kremlin with DDoS

According to Russia’s government, somebody launched a “very powerful” distributed denial of service (DDoS) attack on the Kremlin, including a hit on its defense systems that slowed operations for a time. There are also reports that the attack targeted the election commission in Russia. "Someone attempted to hack our website and alter the data there, making 50,000 requests per minute," said Vladimir Churov, chairman of the Central Election Commission of Russia, speaking to Russia Today. Churov also said that the perp was an actor in the United States.

"They failed and we have already established the culprit," Churov said. "It's a company based in San Francisco." Read more...


Spyware Infects Phones, Adware Increases on Home PCs, Report Finds

 Security firms continue to warn smartphone users of the digital dangers of mobile malware, adware and spyware, but ironically, almost 80 percent of infected devices on mobile networks are tethered Windows laptops, not phones or tablets, network-security firm Alcatel-Lucent said on Sept. 16.

Widespread vulnerabilities, such as the Stagefright flaw, could change the threat landscape for mobile users. Currently, mobile users' biggest worry is not some criminal group in another country, but much closer to home: Spyware installed by a spouse or co-worker. Mobile spyware accounted for 10 of the top 25 most prevalent malicious programs and a third of infected mobile devices sending traffic to the Internet, according to Alcatel-Lucent's data. Read more...



Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed