SPECIAL COMMUNICATION AND INFORMATION SECURITY STATE SERVICE

COMPUTER EMERGENCY
RESPONSE CENTER

Report Incident

News

QUADROOTER: NEW ANDROID VULNERABILITIES IN OVER 900 MILLION DEVICES
2 Aug 2016

QUADROOTER: NEW ANDROID VULNERABILITIES IN OVER 900 MILLION DEVICES

Check Point today disclosed details about a set of four vulnerabilities affecting 900 million Android smartphones and tablets that use Qualcomm® chipsets. The Check Point mobile threat research team, ...

MICROSOFT WON’T FIX WINDOWS FLAW THAT LETS HACKERS STEAL YOUR USERNAME AND PASSWORD
2 Aug 2016

MICROSOFT WON’T FIX WINDOWS FLAW THAT LETS HACKERS STEAL YOUR USERNAME AND PASSWORD

The flaw, which allows a malicious website to extract user passwords, is made worse if a user is logged in with a Microsoft account.

BACKDOOR.REMVIO: HIGHLY CUSTOMIZABLE REMOTE ACCESS TROJAN SOLD ONLINE
1 Aug 2016

BACKDOOR.REMVIO: HIGHLY CUSTOMIZABLE REMOTE ACCESS TROJAN SOLD ONLINE

The new Trojan can be used to steal information and passwords from compromised computers.

A FLAW IN SAMSUNG PAY COULD BE EXPLOITED TO REMOTELY SKIM CREDIT CARDS
1 Aug 2016

A FLAW IN SAMSUNG PAY COULD BE EXPLOITED TO REMOTELY SKIM CREDIT CARDS

he security expert Salvador Mendoza demonstrated that is it easy to steal Samsung Pay tokens and reuse them to make fraudulent purchases.

BACKDOOR.TEAMVIEWER.49
31 May 2016

BACKDOOR.TEAMVIEWER.49

Crooks use your PC to hide their IP, funnel Web traffic. BackDoor.TeamViewer.49 is the name of a backdoor trojan discovered by Russian security vendor Dr.Web, who claims it will install the TeamViewer ...

600,000 cable routers found to have a backdoor within a backdoor
16 Feb 2016

600,000 cable routers found to have a backdoor within a backdoor

Brazilian researcher discovers double security threat in Arris cable modems which allows an attacker to rewrite the firmware without the owner's knowledge.

Autopwn every Android < 4.2 device on your network using BetterCap and the "addJavascriptInterface" vulnerability.
21 Jan 2016

Autopwn every Android < 4.2 device on your network using BetterCap and the "addJavascriptInterface" vulnerability.

Recently I've been playing with Android's WebView based vulnerabilities, focusing on how to exploit them using a MITM attack.

Iron Tiger: How hackers have stolen terabytes of confidential data from US high-tech firms
19 Sept 2015

Iron Tiger: How hackers have stolen terabytes of confidential data from US high-tech firms

A new report claims that in 2013, a group of China-based hackers switched their attention from targeting victims in Asia-Pacific to stealing terabytes of confidential data from US high-tech firms and ...

Banks team up to improve distributed/shared ledger technology
17 Sept 2015

Banks team up to improve distributed/shared ledger technology

Nine financial institutions have formed an international coalition, in conjunction with the financial technology firm R3, to create and deliver advanced distributed/shared ledger technologies to ...

NoSQL EXPLOITATION FRAMEWORK – Framework For NoSQL Scanning and Exploitation
16 Sept 2015

NoSQL EXPLOITATION FRAMEWORK – Framework For NoSQL Scanning and Exploitation

Any database may include sensitive information such as usernames , passwords or users data. This makes a proper security assessment with whole architecture review is required for identifying security ...

In blunder threatening Windows users, D-Link publishes code-signing key
15 Sept 2015

In blunder threatening Windows users, D-Link publishes code-signing key

In a ham-fisted move that threatens computer users everywhere, developers at router manufacturer D-Link published a private cryptography key used to certify that software is trustworthy and not ...

Google’s own researchers challenge key Android security talking point
14 Sept 2015

Google’s own researchers challenge key Android security talking point

Members of Google's Project Zero vulnerability research team have challenged a key talking point surrounding the security of Google's Android mobile operating system. To wit, a key exploit mitigation ...