The blog page of one of the leading media sites in the United Kingdom, “The Independent” has been compromised, which may put its millions of readers at risk of getting infected with ransomware. We have already informed The Independent about this security incident and are working with them to contain the situation. For their part, the news website staff was quick to respond and take action to mitigate the risk this event posed to the website itself and its user base.Read More
We have frequently talked about how the Deep Web is used as a venue for the illegal trade in weapons and drugs. This part of the cybercrime underground includes a German-speaking community. Our new research examines these sites in some detail.Read More
In our exploration of the different cybercriminal underground markets, we often note that these black markets are often hard to infiltrate, or even find in the first place. It takes a specific set of skills and knowledge to be able to get inside these underground economies. But not the North American underground. Unlike its counterparts…Read More
A total of 6.1 million devices – smart phones, routers, smart TVs – are currently at risk to remote code execution attacks due to vulnerabilities that have been fixed since 2012.
The vulnerability exists in the Portable SDK for UPnP™ Devices, also called libupnp. This particular library is used to implement media playback (DLNA) or NAT traversal (UPnP IGD). Apps on a smartphone can use these features to play media files or connect to other devices within a user’s home network.Read More
Victim or potential business partner? That’s the question raised by the crypto-ransomware named Chimera (Ransom_CRYPCHIM.A). At first glance, it might seem like your typical crypto-ransomware. However, there are three things that make Chimera stand out. Online Extortion The first is the threat of exposure: Chimera not only encrypts files, it also threatens to post them online…Read More