A.P. Moller–Maersk Group, the world's largest container shipping company, reinstalled 45000 PCs and 4000 Servers to recover from the NotPetya ransomware attack.
The U.S. Secret Service is warning financial institutions that ATM jackpotting attacks are targeting cash machines in the United States. Attackers are able to empty Diebold Nixdorf and possibly other ATM machines with malware, endoscope and social engineering skills.
Microsoft disables Spectre software mitigation released earlier this month due to system instability.
Data from the fitness tracking app Strava gives away the location of sensitive locations like army bases.
China built African union building for free, but the building is riddled with microphones and computers are transmitting all voice data back to servers in Shanghai.
Journalist Marc Miller has interviewed one of the hackers of the ICEMAN group behind "Emmental" phishing campaign targeting bank clients.
Errata Security blog about the political nature of the cyber attack attribution. Mostly about the WannaCry and North Korea connection, but it is a good overview on attribution bias in general.
Great article about the largest malvertising campaign of a last year. So called Zirconium group operated up to 30 different ad agencies which enabled them to redirect users to the exploit kits, malware downloads and click fraud websites.
AutoSploit is an automated exploitation tool written in python. It is able to search for targets using Shodan.io API and exploiting them with Metasploit.
Ukrainian critical infrastructure, including banks, Kyiv’s metro system, the airport and the Chernobyl's radiation monitoring system, was hit by the worldwide malware campaign.
The attack is believed to be a new campaign by the group behind Petya ransomware. It takes advantage of the known SMB exploit (EternalBlue), and is spreading fast to the other countries.
Indian ATMs running outdated Windows XP are suffering jackpotting attack by the Rufus ATM malware.
Analysis of a new Marcher Android banking trojan variant which is posing as Adobe Flash Player Update.
The Russian government is threatening to ban Telegram messenger because it refused to be compliant with the data protection laws.
Bug hunter from Google, Tavis Ormandy, has found yet another serious vulnerability in the Microsoft's Malware Protection Engine.
The Hardware Forensic Database (HFDB) is a project of CERT-UBIK aiming at providing a collaborative knowledge base related to IoT Forensic methodologies and tools.
Good summary of the most common memory based attacker techniques such as shellcode injection, reflective DLL injection or process hollowing.
Russian hackers tracked Ukrainian artillery units using Android implant
UK nuclear submarines are running Windows for Submarines (customized Win XP). It should be noted that the Windows operating system probably doesn't control the nuclear launch operations itself.
McAfee VirusScan Enterprise for Linux can be remotely compromised. Some of these vulnerabilities can be chained together to allow remote code execution as root.
Trend Micro analysed very lightweight ATM malware called Alice (BKDR_ALICE.A). Its only purpose is to empty the ATM safe.
Veles: Nice open source tool for binary data visualization and analysis.
Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators of malware.