Show Notes:
Mirai IoT Botnet Co-Authors Plead Guilty
The U.S. Justice Department on Tuesday unsealed the guilty pleas of two men first identified in January 2017 by KrebsOnSecurity as the likely co-authors of Mirai, a malware strain that remotely enslaves so-called “Internet of Things” devices such as security cameras, routers, and digital video recorders for use in large-scale attacks designed to knock Web sites and entire networks offline (including multiple major attacks against this site).
Pre-Installed Keylogger Found On Over 460 HP Laptop Models
The keylogger was found embedded in the SynTP.sys file, part of the Synaptics touchpad driver that ships with HP notebook computers, leaving more than 460 HP notebook models vulnerable to hackers.
A security researcher who goes by the name of ZwClose discovered a keylogger in several Hewlett-Packard (HP) laptops that could allow hackers to record your every keystroke and steal sensitive data, including passwords, account information, and credit card details.
Apple Releases iOS 11.2.1 Update With HomeKit Remote Sharing Fix
According to Apple’s release notes, the update re-enables remote access for shared users of the Home app. Apple broke remote access for shared users when implementing a fix for a major HomeKit vulnerability last week.
FreeNAS
Feedback
- Any input on giving a “security” presentation to HR?
- New feedback URL: techsnap.systems – Contact
Process Doppelgänging attack affects all Windows versions & evades AV products
Dubbed ‘Process Doppelgänging’ by Tal Liberman and Eugene Kogan of EnSilo, the attack was demonstrated during the Black Hat Europe 2017 security conference in London earlier today.
Doppelgänging, a fileless code injection technique, works in such a manner that an attacker can manipulate the way Windows handles its file transaction process and pass malicious files even if the code is known to be malicious.
According to the security duo, “The goal of the technique is to allow a malware to run arbitrary code (including code that is known to be malicious) in the context of a legitimate process on the target machine.”