'GhostHook' Foils Windows 10 64-bit's Kernel Protection
6/22/2017Microsoft says an attacker needs kernel-level access before they can use the 'GhostHook' technique to install a rootkit.
Post a Comment
Author
Profile of Jai Vijayan
Freelance writer News & Commentary Posts: 374Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics including Big Data, Hadoop, Internet of Things, E-voting and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, IL.
Articles by Jai Vijayan
Microsoft says an attacker needs kernel-level access before they can use the 'GhostHook' technique to install a rootkit.
Post a Comment
WannaCry Forces Honda to Take Production Plant Offline
6/21/2017Work on over 1,000 vehicles affected at automaker's Sayama plant in Japan while systems were restored.
Post a Comment
Organizations Are Detecting Intrusions More Quickly
6/20/2017But almost every other metric in Trustwave's 2017 global cybersecurity report card is headed in the wrong direction.
Post a Comment
FIN10 Threat Actors Hack and Extort Canadian Mining, Casino Industries
6/16/2017Previously unknown threat actor has extracted hundreds of thousands of dollars from Canadian companies in a vicious cyberattack campaign that dates back to 2013, FireEye says.
Post a Comment
NSA Reportedly Confident North Korea Was Behind WannaCry
6/15/2017But some say no evidence exists to unequivocally pin blame for attacks on Pyongyang.
Post a Comment
US Warns of North Korea's Not-So-Secret 'Hidden Cobra' DDoS Botnet
6/14/2017Reclusive government behind DDoS infrastructure is targeting organizations around the world US-CERT says.
Post a Comment
First Malware Designed Solely for Electric Grids Caused 2016 Ukraine Outage
6/12/2017Attackers used CrashOverride/Industroyer to cause a partial power outage in Kiev, Ukraine, but it can be used anywhere, say researchers at Dragos and ESET.
Post a Comment
Move Over, Mirai: Persirai Now the Top IP Camera Botnet
6/8/2017Mirai's success has spawned a flurry of similar IoT malware.
Post a Comment
RIG Exploit Kit Takedown Sheds Light on Domain Shadowing
6/7/2017Threat actors hid tens of thousands of shadow domains behind legitimate domains to carry out malicious activity.
Post a Comment
Outdated Software Commonplace on Enterprise Endpoints
6/6/2017Enterprises that stick with older versions of operating systems and other software are missing out on security features in newer versions, Duo Security says.
Post a Comment
OneLogin Breach Reignites Concerns over Password Managers
6/1/2017Entrusting all your passwords to a single organization creates a single point of failure, experts say in the wake of a new data breach at OneLogin.
Post a Comment
A Nation State-Looking Cyberattack that Wasn't
5/31/2017Symantec researchers uncover a cybercrime campaign with all the hallmarks of a state-sponsored campaign that didn't even make much money for the attackers.
Post a Comment
Cybercriminals Regularly Battle it Out on the Dark Web
5/30/2017People operating criminal services on Tor and other darknets attack each other frequently, a study by Trend Micro shows.
Post a Comment
New Samba Bug Dangerous But No WannaCry
5/25/2017The administrators of the open-source Samba software have fixed a newly discovered vulnerability that lets attackers upload malicious files to vulnerable systems and servers.
Post a Comment
Split Tunnel SMTP Exploit Bypasses Email Security Gateways
5/25/2017Attackers can inject malicious payloads directly to email server via email encryption appliances, Securolytics says.
Post a Comment
Data Breach, Vulnerability Data on Track to Set New Records in 2017
5/23/2017There are so far 1,254 publicly reported data breaches and 4,837 published vulnerabilities in the first quarter of this year.
Post a Comment
APT3 Threat Group a Contractor for Chinese Intelligence Agency
5/18/2017Recorded Future says its research shows clear link between cyber threat group and China's Ministry of State Security.
Post a Comment
NSA Tools Behind WannaCry Being Used In Even Bigger Attack Campaign
5/18/2017Attackers have been using NSAs EternalBlue and Double Pulsar to distribute AdylKuzz cryptocurrency malware to hundreds of thousands of systems, Proofpoint says.
Post a Comment
ShadowBrokers To Launch Monthly Subscription Service for Exploits
5/16/2017Think of it like a wine of the month club for attack tools and new exploits threat group says.
Post a Comment
APT28, Turla Nation-State Groups Deployed Multiple 0Days in Recent Attacks
5/11/2017Attack campaigns by APT28, Turla, and an unidentified group showcase easy availability of zero-days.
Post a Comment
The Long Tail of the Intel AMT Flaw
5/10/2017Organizations impacted by easily exploitable privilege escalation vulnerability may need time to apply firmware patches, analysts say.
Post a Comment
And Now a Ransomware Tool That Charges Based On Where You Live
5/6/2017Malware is designed to charge more for victims in countries with a higher cost of living, Recorded Future says.
Post a Comment
Blackmoon Banking Trojan Goes Modular
5/5/2017Threat actors have begun using a new and unique framework to deliver malware to web users in South Korea, Fidelis says.
Post a Comment
Netflix Incident a Sign of Increase in Cyber Extortion Campaigns
5/3/2017Attackers using threats of data exposure and DDoS disruptions to try and extort ransoms from organizations.
Post a Comment
DDoS Attacks Surge, Organizations Struggle to Respond
5/2/2017Organizations often discover a DDoS attack only after being alerted to the fact by a third-party or customer, Neustar survey shows.
Post a Comment
Verizon DBIR Shows Attack Patterns Vary Widely By Industry
4/27/2017It’s not always the newest or the most sophisticated threat you need to worry about, Verizon’s breach and security incident data for 2016 shows.
Post a Comment
Exploits Targeting Corporate Users Surged Nearly 30% In 2016
4/21/2017At same time, number of attacks targeting software vulnerabilities in systems used by consumers declined over 20%, Kaspersky Lab says in new report.
Post a Comment
APT Attack Activity Occurs at 'Low, Consistent Hum,' Rapid7 Finds
4/20/2017Organizations in industries aligned to nation-state interests are main targets of nation-state attack threats, new quarterly threat report shows.
Post a Comment
CISOs, Board Members Have Widely Divergent Views on Cybersecurity
4/18/2017Boards often want a lot more business-relevant reporting than CISOs provide, Focal Point Data Risk study shows.
Post a Comment
Ransomware, Mac Malware Dominate Q1 Threat Landscape
4/14/2017Cerber, somewhat unexpectedly, emerged as the biggest ransomware threat, Malwarebytes found.
Post a Comment
95% of Organizations Have Employees Seeking to Bypass Security Controls
4/13/2017Use of TOR, private VPNs on the rise in enterprises, Dtex report shows.
Post a Comment
New Breed of DDoS Attack On the Rise
4/13/2017Akamai Networks since October has detected and mitigated at least 50 DDoS attacks using Connectionless LDAP.
Post a Comment
China-Based Threat Actor APT10 Ramps Up Cyber Espionage Activity
4/6/2017Customers of managed security service providers, website of US trade lobby group targeted in separate campaigns
Post a Comment
Pegasus For Android Spyware Just As Lethal As iOS Version
4/6/2017Researchers from Lookout, Google describe it as highly sophisticated tool for targeted surveillance purposes.
Post a Comment
FCC Privacy Rule Repeal Will Have Widespread Security Implications
4/4/2017Concerns over the action are sending VPN sales soaring, some vendors say.
Post a Comment
'Sundown' Rises as New Threat in Depleted Exploit Kit Landscape
3/31/2017New exploits and obfuscation tactics have made once second-tier EK a potent threat, researchers from Cisco Talos say.
Post a Comment
Insider Threat Fear Greater Than Ever, Survey Shows
3/29/2017More than half of security pros say insider threat incidents have become more frequent in the past 12 months.
Post a Comment
Cerber Ransomware Now Evades Machine Learning
3/29/2017New variant has been broken into separate harmless-looking components to fool ML-based detection systems, Trend Micro says.
Post a Comment
Apple: Mac, iPhone Bugs That CIA Allegedly Exploited Were Fixed Years Ago
3/24/2017New WikiLeaks data dump describes "Sonic Screwdriver," other CIA exploits for Mac desktops and iPhones
Post a Comment
Sandia Testing New Intrusion Detection Tool That Mimics Human Brain
3/24/2017Neuromorphic Data Microscope can spot malicious patterns in network traffic 100 times faster than current tool, lab claims.
Post a Comment
Windows 'DoubleAgent' Attack Turns AV Tools into Malware
3/22/2017Zero-day attack exploits a legitimate process in Windows, according to Cybellum; AV vendors downplay threat.
Post a Comment
New Metasploit Extension Available for Testing IoT Device Security
3/21/2017RFTransceiver extension for the Metasploit Hardware Bridge API will let organizations detect and scan wireless devices operating outside 802.11 spec.
Post a Comment
Bug Bounty Programs are Growing Up Fast and Paying More
3/20/2017As more organizations crowdsource the vulnerability-hunting of their software, the process itself has become more formal, as well as more lucrative for researchers.
Post a Comment
New MagikPOS Malware Targets Point-of-Sale Systems In US & Canada
3/17/2017Malware uses a remote access Trojan to sniff out potential victims first, Trend Micro says.
Post a Comment
What Businesses Can Learn From the CIA Data Breach
3/16/2017Just because threats like malicious insiders, zero-days, and IoT vulnerabilities are well-understood doesn’t mean organizations have a handle on them.
Post a Comment
Stockpiling 0-Day Bugs Not So Dangerous After All, RAND Study Shows
3/10/2017A RAND Corp. study of more than 200 zero-days shows that benefits of disclosure can often be more modest than perceived.
Post a Comment
Attacks Under Way Against Easily Exploitable Apache Struts Flaw
3/9/2017Enterprises urged to upgrade now to more secure versions of Web application framework.
Post a Comment
Researchers Find Multiple Critical Flaws In Confide Secure Messaging App
3/8/2017All flaws have been fixed, says maker of app purportedly used for secret communications by political operatives in DC.
Post a Comment
'Entire Hacking Capacity Of CIA' Dumped On Wikileaks, Site Claims
3/7/2017Leaked data tranche of 8,700 documents purportedly includes tools that turn smart TVs into covert surveillance devices.
Post a Comment
Attackers Employ Sneaky New Method to Control Trojans
3/3/2017A new malware sample shows threat actors have begun using DNS TXT record and queries for C2 communications, Cisco Talos says,
Post a Comment
Cloudflare Breach Had Potential To Be Much Worse
3/2/2017An initial analysis shows no personal data was leaked and most customers not impacted, Cloudflare's CEO says.
Post a Comment
New Version Of Dridex Banking Trojan Uses ‘AtomBombing’ To Infect Systems
3/1/2017It’s the first malware to use a newly disclosed code-injection method to break into to Windows systems
Post a Comment
Massive Necurs Spam Botnet Now Equipped to Launch DDoS Attacks
2/28/2017With more than one million active bots at any time, a Necurs-enabled DDoS attack could dwarf such an attack by the Mirai botnet.
Post a Comment
Cloudflare Leaked Web Customer Data For Months
2/24/2017Potential scope of issue evokes comparisons to Heartbleed.
Post a Comment
Survey: Most Attackers Need Less Than 12 Hours To Break In
2/23/2017A Nuix study of DEFCON pen testers shows that the usual security controls are of little use against a determined intruder
Post a Comment
Exploit Kit-Based Attacks Decline Dramatically
2/23/2017But it's too soon to call this downward trend a permanent shift, experts say.
Post a Comment
At Least 70 Organizations Targeted In Sophisticated Cyber Surveillance Operation
2/17/2017Most of the targets are in Ukraine, though a few have been spotted in Russia and elsewhere, CyberX says
Post a Comment
Ransomware Growth Fueled By Russian-Speaking Cybercriminals
2/16/2017Individuals and groups from Russian-speaking countries responsible for a lot of ransomware activity, Kaspersky Lab says.
Post a Comment
Russian-Speaking Rasputin Breaches Dozens Of Organizations
2/15/2017Attacker behind Election Assistance Commission hack now using SQL injection as his weapon of choice against universities and government agencies.
Post a Comment
CrowdStrike Fails In Bid To Stop NSS Labs From Publishing Test Results At RSA
2/14/2017NSS results are based on incomplete and materially incorrect data, CrowdStrike CEO George Kurtz says.
Post a Comment
Alleged Russian Hacker With Ties To ‘Notorious Cybercriminals’ Arrested In LA
2/10/2017Alexander Tverdokhlebov is being held on charges of conspiring with another hacker to steal money from online bank accounts.
Post a Comment
Threat Hunting Becoming Top Of Mind Issue For SOCs
2/9/2017Nearly 80% of the respondents in a LinkedIn poll said that threat hunting already is, or should be a top-level initiative.
Post a Comment
Organizations In 40 Countries Under ‘Invisible’ Cyberattacks
2/8/2017Unknown threat actors are stealing sensitive financial data using memory resident malware crafted from legitimate tools, Kaspersky Lab warns.
Post a Comment
Cloud Storage The New Favorite Target Of Phishing Attacks
2/7/20172016 data shows that phishing scams involving brands like Google and DropBox will soon overtake scams involving financial companies, PhishLabs says.
Post a Comment
Windows SMB Zero-Day Exploit On The Loose
2/3/2017Vulnerability allows remote attackers to trigger denial-of-service conditions on several Windows client versions.
Post a Comment
Metasploit Can Now Be Directly Linked To Hardware For Vulnerability Testing
2/2/2017New hardware bridge extends penetration testing tools capabilities into physical world.
Post a Comment
Netgear Addresses Password Bypass Vulns In 31 Router Models
2/1/2017Company has made patches, workarounds available to mitigate password bypass threat that potentially impacted 1 million devices, Trustwave says.
Post a Comment
Google Paid $3 Million To Bug Hunters In 2016
1/31/2017Search engine giant an example of the growing number of organizations benefiting from bug bounty programs.
Post a Comment
Are Security Concerns Over Trump’s Android, Twitter Use Overblown?
1/27/2017Security experts say it’s hard to know for sure without further details.
Post a Comment
Most Companies Still Willing To Pay Ransom To Recover Data, Survey Shows
1/26/2017St. Louis Public Library system becomes latest example of growing number refusing to do so
Post a Comment
Google Removes Ransomware-Laden App From Play Store
1/25/2017Incident is believed to be first time threat actors have snuck ransomware into Google’s official mobile app store.
Post a Comment
Meet Ripper.cc, A Reputation Service For Cybercriminals
1/24/2017Ripper.cc offers a service to help protect the genuine cybercriminals from the scammers in their midst.
Post a Comment
Corporate Legal Counsels Fret Over Cybersecurity
1/20/2017BDO Consulting survey shows in-house legal executives cite data breaches, cross-border data transfers, as risks with e-discovery.
Post a Comment
Number Of Data Breach Disclosures Jumped 40% in 2016
1/19/2017Though there were no mega breaches, 2016 had more breaches on record than any previous year, according to a new report.
Post a Comment
Mobile Security Gap Threatens Enterprises
1/18/2017Rush to release, rapid growth in mobile malware is exacerbating the problem, two reports show.
Post a Comment
Dangerous New Gmail Phishing Attack Gaining Steam
1/17/2017None of the usual browser indicators of fraudulent websites are present in this method of phishing.
Post a Comment
WhatsApp Denies It Has Backdoor For Decrypting Messages
1/13/2017‘Backdoor’ is really a feature for ensuring messages are not lost in certain situations, company claims.
Post a Comment
Shadow Brokers Calls It Quits After Failing To Get Buyers For NSA Exploits
1/12/2017But group says it is still willing to dump its collection of Linux and Windows tools if it gets 10,000 bitcoins.
Post a Comment
Shadow Brokers Offers Database Of Windows Exploits For Sale
1/10/2017Notorious hacking crew claims tools are from NSA-affiliated Equation Group, and include plugin for tampering with event logs.
Post a Comment
Cyber Deterrence Should Be Key Focus For Trump Administration, Task Force Says
1/6/2017Time for US to strengthen consequences for cyberattacks, CSIS says in recommendations to incoming administration.
Post a Comment
‘Ghost Hosts’ Bypass URL Filtering
1/5/2017Malware authors have found a way to evade URL-blocking systems by swapping bad domain names with unknown ones.
Post a Comment
FTC Launches Contest For Technology Tool To Protect Home IoT Devices
1/4/2017IoT Home Inspector Challenge will award $25,000 for best proposal
Post a Comment
Newly Discovered Android Trojan Hijacks Routers
1/3/2017Switcher takes advantage of Android users to infect WiFi routers in 'dangerous new trend.'
Post a Comment
Threat Actors Bring Ransomware To Industrial Sector With New Version of KillDisk
12/29/2016Disk-erasing malware has been tweaked to encrypt data instead and to ask for a Bitcoin payment.
Post a Comment
'Alice' Malware Loots ATMs
12/21/2016Trend Micro has an alert about a new bare-bones ATM malware family it recently uncovered.
Post a Comment
Panasonic Inflight Entertainment System Vulnerable To Attack
12/20/2016Flaws could theoretically allow access to aircraft control systems, IOActive says in disputed report.
Post a Comment
Spammers Work Up A Hailstorm
12/19/2016In their constant effort to evade anti-spam filters, spammers have devised a new way to deliver junk mail to your inbox.
Post a Comment
5 Ways The Cyber-Threat Landscape Shifted In 2016
12/19/2016IoT botnets and turnkey phishing services were just some of the ways the bad guys stayed ahead in 2016
Post a Comment
Obama: US Will Retaliate Against Russian Cyberattacks In Proportional Manner
12/16/2016US action will include both covert and explicit response, President says. Meanwhile, a Russian-speaking hacker was discovered behind a data breach of the US Election Assistance Commission (EAC).
Post a Comment
1 Billion Users Exposed In Another Record Breach From Yahoo
12/15/2016Security experts slam Yahoo for the newly disclosed August 2013 intrusion, and fresh questions arise about Verizon's plans to acquire the company.
Post a Comment
Survey: Majority Of Businesses Would Pay Ransomware Attackers
12/14/2016Nearly 70% of ransomware victims surveyed by IBM said they paid between $10K and $40K to retrieve their data.
Post a Comment
Microsoft Patches Dangerous Backdoor In Skype For Mac OS X
12/13/2016Vulnerability would have let attackers record calls, intercept and read messages, and siphon out all kinds of data, Trustwave says.
Post a Comment
Obama Orders Inquiry Into Cyberattacks On Democratic Party Websites
12/9/2016President wants U.S. intelligence to provide report before he leaves office Jan. 20.
Post a Comment
Data Theft At ThyssenKrupp Highlights Industrial Espionage Threat
12/8/2016German conglomerate confirms it was a victim of a cyberattack in which intellectual property belonging to some of its businesses was stolen.
Post a Comment
Researchers Find Backdoors, Bugs In Sony, White Box IP Cameras
12/7/2016New vulnerabilities discovered by SEC Consult and Cybereason highight increasing IoT threat to enterprises.
Post a Comment
Most iOS Apps In Enterprises Not Using Apple Encryption Feature
12/7/2016Despite a January 1, 2017 deadline, not many app vendors have switched on the Apple App Transport Security, according to a study by Appthority.
Post a Comment
'Frighteningly Easy' Hack Guesses Full Credit Card Details In 6 Seconds
12/2/2016Attack works only on Visa network, Newcastle University researchers say.
Post a Comment
Organizations In Saudi Arabia Reportedly Hit In Destructive New Shamoon Attacks
12/1/2016Thousands of computers at country’s main civil aviation authority and other entities rendered unusable by same malware that destroyed 30,000 computers at Aramco in 2012.
Post a Comment
In Break From Usual, Threat Actors Use RAT To Steal POS Data
11/30/2016New NetWire RAT version comes with keylogger for stealing a lot more than just credit and debit card data.
Post a Comment
Deutsche Telekom Attacks Suggest Mirai Threat Poised To Become Much Larger
11/29/2016With attack, Mirai has added an exploit targeting Web service vulnerability.
Post a Comment
White Papers
Video
1 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: just wondering...Thanx
Latest Comment: just wondering...Thanx
Current Issue
Security Operations and IT Operations: Finding the Path to CollaborationA wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
The Dark Reading Security Spending Survey
Enterprises are spending an unprecedented amount of money on IT security — where does it all go? In this survey, Dark Reading polled senior IT management on security budgets and spending plans, and their priorities for the coming year. Download the report and find out what they had to say.
Slideshows
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...
CVE-2016-10369NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).
CVE-2016-8202unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...
CVE-2016-8209A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.
CVE-2017-0890Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2017 UBM, All rights reserved
Tweet This