U.S Federal Agencies Want To Secretly Hack Suspects' Computers for Criminal Evidence

The US Justice Department DOJ is seeking a transition in the criminal rules that would make the authorities to have more leeway to secretly hack into the suspected criminals’ computer during criminal investigations at any times in bunches. The proposed PDF change in the rules would make FBI to...

Microsoft Identifies New Malware Dropping Sefnit Botnet

Plenty has been written about the Sefnit malware family and its favor with using Tor to mask communication, as well as the money it’s made for criminals via click-fraud schemes. Sefnit, however, has had a pair of accomplices that until recently were regarded as harmless programs by most security...

Sohu video XSS vulnerability used by hackers Video the user is human flesh-a vulnerability warning-the black bar safety net

Recently availableDDoSprotection firm Incapsula revealed the World No. 2 7 large sites-Sohu oneXSScross-site scripting vulnerabilities become together large-scale botnetDDoSattack the source. ! 1 Pictures from the network The rapid development of Internet, Network Security has been called for...

Click-Fraud Sefnit Variant Shuns Tor for SSH

Sefnit was the first malware family to shed light on the problem of botnets and other malicious code using the Tor anonymity network as a communication protocol. While others before and since have done the same, Sefnit made the biggest splash at the end of last summer when the botnet caused a 600...

ZeuS Botnet Updating Infected Systems with Rootkit-Equipped Trojan

ZeuS, or Zbot is one of the oldest families of financial malware, it is a Trojan horse capable to carry out various malicious and criminal tasks and is often used to steal banking information. It is distributed to a wide audience, primarily through infected web pages, spam campaigns and drive-by...

Hardware Maker LaCie Admits Yearlong Data Breach

The French computer hardware company LaCie, perhaps best known for their external hard drives, announced this week it fell victim to a data breach that may have put at risk the sensitive information of anyone who has purchased a product off their website during the last year. According to an...

OpenSSL Heartbleed Bug Exploited Before This Week?

Bruce Schneier stood on the Source Boston keynote stage yesterday and used the word “ginormous” to describe the severity of the OpenSSL heartbleed bug. “My guess is that when heartbleed became public, the top 20 governments in the world started exploiting it immediately,” Schneier said. That’s...

Researchers Uncover Interesting Browser-Based Botnet

Security researchers discovered an odd DDoS attack against several sites recently that relied on a persistent cross-site scripting vulnerability in a major video Web site and hijacked users’ browsers in order to flood the site with traffic. The attack on the unnamed site involved the use of...

Herpes Net 3.0 SQL Injection

import random import pycurl import urllib import cStringIO import json def ui: try: return unicodei, errors='ignore' except: return i class HerpesNetPanel: def initself, gatewayurl: self.gatewayurl = gatewayurl @staticmethod def getfieldgateway, table, column, row: prefix = "" while lenprefix 6:...

Microsoft, Kaspersky Shed Light on Sefnit Tor Botnet

Alarm bells went off last August when spikes in Tor client downloads were traced to a large click-fraud and Bitcoin-mining botnet called Sefnit. The malware was using the popular anonymity network to communicate with hackers in order to transmit stolen data and receive additional commands. In...

Pony Botnet Steals $200,000, 700,000 Usernames, Passwords

Attackers leveraged a Pony botnet controller to not only siphon away a large batch of account credentials but also to make off with over $200,000 in Bitcoin and other virtual currencies over a four month span, according to researchers this week. It’s the second high profile instance of the Pony...

Pony Botnet steals $220,000 from multiple Digital Wallets

Are you the one of the Digital Currency Holder? PONY is after You. A Group of cyber criminals has used hundreds of thousands of infected computers of the digital currency holders to filch approximately $220,000 worth of Bitcoins and other virtual currencies. The researchers at the security firm,...

Dexter (CasinoLoader) Panel - SQL Injection Exploit

Exploit for multiple platform in category web applications import pycurl import urllib import cStringIO import base64 import argparse import sys import string import pygeoip version = "0.1-httpbots-PoC" def PrintHelp: global version print "usage: dexter.PoC.py -h action gateway url" print "" prin...

Dexter (CasinoLoader) Panel - SQL Injection

Dexter CasinoLoader Panel - SQL Injection Exploit Title: Dexter CasinoLoader Panel SQLi Date: Feb, 13, 2014 Exploit Author: Brian Wallace @botnethunter Version: CasinoLoader Tested on: Windows 7, Ubuntu, Debian import pycurl import urllib import cStringIO import base64 import argparse import sys...

Bredo Banking Malware Campaign Targets Bank of America Customers

The Major US Financial institution, Bank of America is being targeted by a stealthy malicious financial malware campaign, according to AppRiver report. Last month the researchers at AppRiver has noticed enormous volumes of traffic through their data centers, with the peaks of traffic reaching thr...

GameOver Zeus Now Using Encryption to Bypass Detection

Cybercriminals have begun to tweak the way the GameOver Zeus Trojan is being delivered to users’ machines, making it easier for the banking malware to evade detection and steal victims’ credentials. To get the job done the malware has been working in tandem with the malware Upatre. For about a we...

Java-Bot, a Cross-platform malware launching DDoS attacks from infected computers

These days botnets are all over the news. In simple terms, a botnet is a group of computers networked together, running a piece of malicious software that allows them to be controlled by a remote attacker. A major target for most of the malware is still Windows, but the growing market of Mac OS X...

Malicious Java App is Cross-Platform Botnet

Java-related security issues have remained relatively quiet during the past few months, especially after a rocky start to 2013 seemingly had one Java flaw after another in the news. Things might be starting to ramp up again with the discovery of a cross-platform Java-based botnet. Researchers at...

Hasbro Serving Drive-By Download Malware Attack

Hasbro.com, a leading toy and game distributor in the United States, is infected and serving malware to visitors of the site. Researchers at Barracuda Networks said the site remained infected as of this morning and Hasbro has not responded to an email from the security firm disclosing the issue...

16 Million German Users' Data Compromised in mysterious Botnet Malware attack

A New day begins with a Cup of Coffee and with new massive Data Breach News. This time in Germany, the Digital identities of about 16 million online users had been stolen, and posing a risk to their accounts linked to social media and other services. Federal Office for Information Security BSI...