IT Security Weekend Catch Up Holiday Edition – December 25, 2016

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! Continue reading “IT Security Weekend Catch Up Holiday Edition – December 25, 2016”

Banking trojan, Gmail webinject, SMS message and malicious APK – all in one attack scenario

As many banks use SMS 2FA for transfer authorization, malware authors are constantly looking for new opportunities to take over control of PC infection victims’ smartphones. We have identified a new attack scenario that involves both PC and mobile devices infection by leveraging trust people have in Google services. Continue reading “Banking trojan, Gmail webinject, SMS message and malicious APK – all in one attack scenario”

Bypassing Apple’s Activation Lock with typing and magnets – for a fraction of a second

One of the strongest security mechanisms implemented by Apple is called Activation Lock. It prohibits anyone without access to owner’s Apple ID password from accessing a stolen or lost iDevice. Unless they have a lot of patience and some magnets. Read more »

New Mirai attack vector – bot exploits a recently discovered router vulnerability

Nowadays the market for IoT botnets must be really saturated. Botmasters are looking for new infection vectors to gain an advantage over competitors and a few extra Gbps of power. Yesterday one of our readers’ routers became a victim of this race. Lets look at the bot and the infection vector, which involves two vulnerabilities. Read more »