Exploits against enterprise-grade Cisco firewalls dumped by the ShadowBrokers have quickly—and apparently without a lot of strenuous effort—been upgraded to attack more current versions of ASA. Researchers at Silent Signal in Hungary yesterday tweeted they had ported the EXTRABACON attack to ASA version 9.2(4), which was released a year ago. We successfully ported EXTRABACON to...

Epic Games is warning users of a breach that impacts 800,000 user accounts tied to the company’s online forums. On Monday, the game developer temporarily shut down many of its forums and advised users to change passwords on any accounts that shared the same credentials for some of its forums. Epic Games said the breach...

Researchers said a new variant of the Hancitor downloader has shifted tactics and adopted new dropper strategies and obfuscation techniques on infected PCs. Researchers at Palo Alto Networks are currently tracking the biggest push of the Hancitor family of malware since June that it says has shifted away from H1N1 downloader and now distributes the Pony and Vawtrak executables....

Juniper Networks on Friday acknowledged that exploits contained in the ShadowBrokers data dump do indeed target its products. “As part of our analysis of these files, we identified an attack against NetScreen devices running ScreenOS,” said Derrick Scholl, director of security incident response at Juniper. “We are examining the extent of the attack, but initial analysis...

A massive Locky ransomware campaign spotted this month targets primarily the healthcare sector and is delivered in phishing campaigns. The payload, researchers at FireEye said, is dropped via .DOCM attachments, which are macro-enabled Office 2007 Word documents. Especially hard hit are hospitals in the United States followed by Japan, Korea and Thailand, according to research published Wednesday by...

A high-stakes game of attribution started by a group claiming to have a cache of exploits belonging to the Equation Group took a somewhat definitive turn Tuesday afternoon. Researchers at Kaspersky Lab yesterday confirmed a connection between the tools currently up for auction by the ShadowBrokers and Equation Group exploits and malware that researchers at...

Eight out of 10 Android devices are affected by a critical Linux vulnerability disclosed last week that allows attackers to identify hosts communicating over the Transmission Control Protocol (TCP) and either terminate connections or attack traffic. The flaw has been present in the TCP implementation in Linux systems since 2012 (version 3.6 of the kernel),...

Less than a month after disclosing a Windows User Account Control bypass, researcher Matt Nelson today published another attack that circumvents the security feature and leaves no traces on the hard disk. This time, the bypass relies on Event Viewer (eventvwr.exe), a native Windows feature used to view event logs locally or remotely. Nelson said...

Stealing data from air-gapped computers is one of the great exercises in computer security: advanced attackers covet what’s stored on these isolated machines, while researchers try to figure out the novel ways adversaries could jump those gaps. The latest effort doesn’t involve USBs, heat, acoustical mesh networks, or decoding radio signals. Instead, researchers from Ben-Gurion...

Academic researchers added another hack to a growing list of compromises involving vehicles, and this one should give drivers pause the next time they leave valuables locked in their trunk. This hack involves millions of Volkswagen, Ford and Chevrolet vehicles that rely on an outdated key fob technology, which creates an opportunity for even an “unskilled adversary”...