SPECIAL STATE PROTECTION SERVICE
SPECIAL COMMUNICATION AND INFORMATION
SECURITY STATE AGENCY

COMPUTER EMERGENCY
RESPONSE CENTER

Report Incident

News

600,000 cable routers found to have a backdoor within a backdoor
16 Feb 2016

600,000 cable routers found to have a backdoor within a backdoor

Brazilian researcher discovers double security threat in Arris cable modems which allows an attacker to rewrite the firmware without the owner's knowledge.

Autopwn every Android < 4.2 device on your network using BetterCap and the "addJavascriptInterface" vulnerability.
21 Jan 2016

Autopwn every Android < 4.2 device on your network using BetterCap and the "addJavascriptInterface" vulnerability.

Recently I've been playing with Android's WebView based vulnerabilities, focusing on how to exploit them using a MITM attack.

Iron Tiger: How hackers have stolen terabytes of confidential data from US high-tech firms
19 Sept 2015

Iron Tiger: How hackers have stolen terabytes of confidential data from US high-tech firms

A new report claims that in 2013, a group of China-based hackers switched their attention from targeting victims in Asia-Pacific to stealing terabytes of confidential data from US high-tech firms and ...

Banks team up to improve distributed/shared ledger technology
17 Sept 2015

Banks team up to improve distributed/shared ledger technology

Nine financial institutions have formed an international coalition, in conjunction with the financial technology firm R3, to create and deliver advanced distributed/shared ledger technologies to ...

NoSQL EXPLOITATION FRAMEWORK – Framework For NoSQL Scanning and Exploitation
16 Sept 2015

NoSQL EXPLOITATION FRAMEWORK – Framework For NoSQL Scanning and Exploitation

Any database may include sensitive information such as usernames , passwords or users data. This makes a proper security assessment with whole architecture review is required for identifying security ...

In blunder threatening Windows users, D-Link publishes code-signing key
15 Sept 2015

In blunder threatening Windows users, D-Link publishes code-signing key

In a ham-fisted move that threatens computer users everywhere, developers at router manufacturer D-Link published a private cryptography key used to certify that software is trustworthy and not ...

Google’s own researchers challenge key Android security talking point
14 Sept 2015

Google’s own researchers challenge key Android security talking point

Members of Google's Project Zero vulnerability research team have challenged a key talking point surrounding the security of Google's Android mobile operating system. To wit, a key exploit mitigation ...

The Moose is loose: Linux-based worm turns routers into social network bots
27 May 2015

The Moose is loose: Linux-based worm turns routers into social network bots

A worm that targets cable and DSL modems, home routers, and other embedded computers is turning those devices into a proxy network for launching armies of fraudulent Instagram, Twitter, and Vine ...

Android ransomware distributed to English speakers in spam campaign
26 May 2015

Android ransomware distributed to English speakers in spam campaign

Emails containing a variant of popular Android ransomware are being sent to thousands of mobile users in English-speaking countries as part of a spam campaign recently identified by researchers with ...

PuTTY Client Found Compiled with Trojan
25 May 2015

PuTTY Client Found Compiled with Trojan

New version of putty SSH-client have been spotted compiled with a Trojan.

Researchers observe SVG files being used to distribute ransomware
24 May 2015

Researchers observe SVG files being used to distribute ransomware

Researchers with AppRiver have observed attackers sending out phishing emails with SVG files attached – these files, when downloaded and executed, open up websites that download what appears to be ...

LogJam: Researchers Identify Another Web Encryption Vulnerability
23 May 2015

LogJam: Researchers Identify Another Web Encryption Vulnerability

A new potentially high-impact vulnerability called LogJam has been revealed by researchers, which has similarities to the FREAK (CVE-2015-0204) vulnerability disclosed a few months ago, whereby a ...