Latest News

2019/10/14

Romania Becomes European Cyber Security Challenge Winners

Romania has just won the title of a European champion in the European Cyber Security Challenge 2019 competition, which took place over October 9-11, at the Parliament Palace in Bucharest.

The distinctions were granted to the Romanian team and the other countries at the Award Gala held on Friday evening at the National Military Centre in the Capital City.
2019/10/14

Sophisticated Spy Kit Targets Russians with Rare GSM Plugin

The Attor malware targets government and diplomatic victims with unusual tactics.

A sophisticated cyberespionage platform called Attor has come to light, sporting an unusual capability for fingerprinting mobile devices as part of its attacks on government and diplomatic victims.

According to researchers at ESET, Attor, which has flown under the radar since at least 2013, also sports a complex modular architecture and elaborate network communications utilizing Tor, making it a highly evolved threat.
2019/10/14

Iran-Linked ‘Charming Kitten’ Touts New Spearphishing Tactics

A campaign first observed last year has ramped up its attack methods and appears to be linked to activity targeting President Trump’s 2020 re-election campaign.

An Iran-linked advanced persistent threat (APT) group tied to attacks on President Trump’s 2020 re-election campaign has added new spearphishing techniques to its arsenal in an apparent ramp-up in operations.
2019/10/09

[Nice Read] I Could Crash Your Instagram Remotely. But I Chose to Report It.

"On April 2019, I had the foolish idea of testing Facebook security (and more specifically Instagram security), after I got informed that the company enabled a new setting on their assets (called Whitehat Settings), making easier for researchers to discover new vulnerabilities (pinning was not a problem, I am just a bit lazy sometimes :P)."
2019/10/09

APT Groups Exploiting Flaws in Unpatched VPNs

U.S. and U.K. agencies warn consumers to update VPN technologies from Fortinet, Pulse Secure and Palo Alto Networks.

State-sponsored advanced persistent threat (APT) groups are using flaws in outdated VPN technologies from Palo Alto Networks, Fortinet and Pulse Secure to carry out cyber attacks on targets in the United States and overseas, warned U.S. and U.K. officials.

The National Security Agency (NSA) issued a Cybersecurity Advisory Monday about the threats and offered mitigation suggestions, warning that multiple APT actors have weaponized three critical vulnerabilities first published in August–CVE-2019-11539, CVE-2019-11510 and CVE-2018-13379–to gain access to vulnerable VPN devices. The first two affect Pulse Secure VPNs while the third affects Fortinet technology.