ugotag.com  
  
× SPECIAL FORCES      |     LOCKSPORT      |     SCI FI      |     INSECTS      |     RECIPE      |     RED DEAD REDEMPTION      |     WOODWORKING      |     FISHING      |     SCI FY      |     CRIME STORIES      |     BIRDS      |     STYLE      |     TV      |     INTERESTING      |     ENVIRONMENT      |     STAR WARS      |     OLYMPICS      |     EASTER      |     GOD OF WAR      |     FOOD & DRINK      |     PHOTOGRAPHY      |     WEDDING      |     COLD WAR      |     WAR      |     CHRISTMAS      |     ARCHITECTURE      |     FITNESS      |     ART      |     TOYS      |     SKATEBOARDING      |     YOUR HOME      |     PSYCHOLOGY      |     RELIGION      |     HEALTH & WELLNESS      |     PETS      |     GUNS      |     MATH      |     BIOLOGY      |     WW1      |     BUSINESS      |     WORLD WAR 2      |     AUTOMOTIVE      |     STEM      |     GUITAR      |     AQUARIUM      |     HOMEBREW      |     KITCHEN      |     SPEECHES      |     KIDS      |     ECONOMICS      |     PROGRAMMING      |     REMOTE CONTROL      |     MINECRAFT      |     MOTORBIKES      |     VALENTINE'S DAY      |     MULTIPLICATION      |     LAWNCARE      |     GARDENING      |     PI DAY      |     LEGO      |     BLOCKCHAIN      |     COMPUTER SECURITY      |     SPORTS      |     CATS      |     MUSIC      |     FORTNITE BATTLE ROYALE      |     FARMING      |     ARTIFICIAL INTELLIGENCE      |     ROCKCLIMBING      |     RELAXING      |     CSGO      |     BABY      |     AVIATION      |     MENS STYLE      |     ANIMALS      |     SCIENCE      |     DOGS      |     SHOOTING SPORTS      |     MOVIES      |     OUTDOORS      |     BIKING      |     HISTORY      |     FASHION      |     FAR CRY 5      |     HALLOWEEN      |     STPATRICKS      |     CRYPTOCURRENCY      |     ENGINEERING      |     GEOPOLITICS      |     POLITICS      |     TECHNOLOGY      |     FUNNY      |     TRAVEL      |     MARTIAL ARTS      |     GAMBLING      |     GAMING      |     KNITTING      |     BEAUTY      |     PHILOSOPHY      |     ANCIENT WORLD      |     POTTERY      |     ARCHERY      |     THANKSGIVING      |     HOME REPAIR      |     CRAFTS      |     ORGANIZATION      |     BIG THOUGHTS
HOME  |  TECHNOLOGY  |  HEALTH  |  FOOD  |  MORE

COMPUTER SECURITY

| Interesting videos and articles about hacking, computer security, and innovative ways of controlling technology.
 
videos
VIDEO

Abusing Webhooks for Command and Control - DEF CON 25

You are on the inside of the perimeter. And maybe you want to exfiltrate data, download a tool, or execute commands on your command and control server (C2). Problem is - the first leg of connectivity to your C2 is denied. Your DNS and ICMP traffic is being monitored. Access to your cloud drives i...
 
 
videos
VIDEO

How to your Fortnite Account and Avoid Getting Hacked

How to SECURE your FORTNITE Epic Games ACCOUNT! (HOW TO AVOID GETTING HACKED) In todays video I am going to show you how to protect your Epic Games Fortnite Battle Royale account on PS4, PC, Xbox and mobile. A bunch of hackers has been trying to access Fortnite accounts and purchasing v-bucks fo...
 
 
ARTICLE  


Uber To Obscure Rider's Trip Details From Drivers

Uber announced its intention to obscure rider's trip history from drivers. Currently, the ride sharing app provides drivers with a detailed trip history of riders. The change is part of a set of changes Uber is making to comply with the European Union’s new General Data Protection Regulation(GDPR).
 
 
videos
VIDEO

Open Source Safe Cracking Robot DEFCON 25 Nathan Seidle

We've built a $200 open source robot that cracks combination safes using a mixture of measuring techniques and set testing to reduce crack times to under an hour. By using a motor with a high count encoder we can take measurements of the internal bits of a combination safe while it remains c...
 
 
videos
VIDEO

Early Bird Malware Code Injection Technique HD

Cyberbit malware researchers discovered a new malware injection technique that allows execution of malicious code before the entry point of the main thread of a process, hence – it can bypass security product hooks if they are not placed before the main thread has its execution resumed.
 
 
videos
VIDEO

RSA Power Analysis Side-Channel Attack - rhme2

Preparing an arduino nano board to perform a power analysis side channel attack and explaining how that can be used to break RSA. Also proof I can't count.
 
 
ARTICLE  


Monero Mining Trojan Written in AutoHotKey

A polymorphic parasitic cryptominer written in the AutoHotKey scripting language has been spotted by Trend Micro. The trojan joins a command and control network and mines for the Monero cryptocurrency.
 
 
videos
VIDEO

SirenJack Proof of Concept

ATI Emergency Alert Systems have been found to be vulnerable to an attack dubbed SirenJack. The attack is possible because the command packets do not use any authentication or encryption.
 
 
videos
VIDEO

Elliptic Curve Back Door - Computerphile

The back door that may not be a back door... The suspicion about Dual_EC_DRBG - The Dual Elliptic Curve Deterministic Random Bit Generator - with Dr Mike Pound.
 
 
videos
VIDEO

How did Pew Research Center identify Twitter bots?

In the context of ongoing debates over the role and nature of bots, Pew Research Center set out to better understand how many of the links being shared on Twitter are being promoted by bots rather than humans. Our analysis found that an estimated two-thirds of tweeted links to popular websites ar...
 
 
ARTICLE  


Exploit for Nintendo Switch bootROM

A newly published chain of exploits for the Nvidia Tegra X1 chip used in the Nintendo Switch has been released by the hacking team at ReSwitched.
 
 
videos
VIDEO

Edward Snowden Interview with Peter Van Valkenburgh of Coin Center | Blockstack Berlin 2018

Edward Snowden on privacy, trust, cryptocurrency and the blockchain.
 
 
videos
VIDEO

heap0 exploit speedrun & weird ASCII string on the Heap - bin 0x28

The heap0 example is not affected by DEP or ASLR on Ubuntu 16.04, so it's super easy. But we use the opportunity to investigate another weird string that we found on the heap.
 
 
ARTICLE  


Rarog Parasitic Cryptocurrency Mining Trojan

Palo Alto's Unit42 has released an analysis of the Rarog parasitic cryptocurrency miner trojan. The trojan parasitically mines the Monero cryptocurrency and sells for 6,000 Rubles.
 
 
ARTICLE  


Orangeworm Hacker Group Targeting Healthcare

Symantec has dubbed a malicious actor group responsible for infecting healthcare organizations "Orangeworm". According to Symantec, the malware was found on X-Ray and MRI machines.
 
 
ARTICLE  


Internet Explorer Zeroday Attack Discovered by Qihoo 360

Security researchers from the Chinese security firm
Qihoo 360 claim to have identified a zero day APT attack against Internet Explorer. The researchers claim the attack uses public UAC bypass, reflective DLL loading, fileless execution, and steganography.
 
 
ARTICLE  


Drupalgeddon2: Drupal Servers Under Attack by At Least Three Groups

Security researchers are saying that at least three groups are targeting the "Drupalgeddon2"(CVE-2018-7600) vulnerability in the Drupal content management system.
 
 
ARTICLE  


2018 RSA Conference Exposes 114 Attendees

The app used at the 2018 RSA Conference was found to expose user data according to "svbl". The conference organizers confirmed that 114 first and last names of RSA Conference Mobile App users were publicly accessible.
 
 
ARTICLE  


IIS Vulnerability Used to Mine Electroneum Cryptocurrency

Attackers use IIS flaw to parasitically cryptomine the Electroneum mobile-based cryptocurrency. The attack exploits the CVE–2017–7269 flaw in IIS to install the XMRig cryptominer via the "Squiblydoo" technique,
 
 
ARTICLE  


PowerHammer Exfiltrates Data from Power Lines

The group of researchers responsible for BitWhisper and MAGNETO have released a method to exfiltrate data via power lines - PowerHammer.
 
 
ARTICLE  


Youtube Videos Defaced with Political Message

BBC is reporting that Youtube videos have been defaced with "Free Palestine" messages. Some of the artists affected include Shakira, Selena Gomez, Drake and Taylor Swift.
 
 
ARTICLE  


"Mastermind" Behind Fin7 Credential Theft Gang Arrested

Fin7 (AKA Carbon Spider, Cobalt Spider, Carbanak) mastermind arrested in Spain. The hacking group is said to be behind breaches like SAKS Fifth Avenue, Omni Hotels, Trump Hotels, Whole Foods, and Chipotle.
 
 
BLOG  


Verge Cryptocurrency Under 51% Attack Due to Timestamp

There is a reported >51% attack in the Verge(XVG) cryptocurrency due to a bug in the timestamp handling code. The attack is said to have resulted in the theft of between 250000 and 3.9 million coins depending on who's numbers you take.
 
 
BLOG  


Monero Miner Hiding as Scarlett Johansson Image

A malicious cryptominer attack disguising itself as a Scarlett Johansson Image has been discovered.

The attack targets PostgreSQL servers and analyzes the victim's GPU prior to installing the Monero Cryptominer.
 
 
BLOG  


New Samples of "Hacking Team"'s "Remote Control System" in Wild

ESET has discovered new versions of the "Hacking Team"'s "Remote Control System".

The spyware vendor gained notoriety for selling surveillance tools to governments and their agencies across the world.

The capabilities of Remote Control System include extracting files, intercepting email and IM and monitoring camera and microphone.
 
 
BLOG  


Details of Artificial Intelligence Threat Detection from Microsoft Windows Defender Research

Microsoft highlights their use of Artificial Intelligence(AI), and Machine Learning(ML), to detect a February 3, 2018 outbreak of the Emotet virus. Their use of gradient boosting, ensemble models, feature vectors, and client-side and cloud machine learning models are discussed.
 
 
BLOG  


ComboJack Malware Redirects Cryptocurrency Payments

A strain of malware has been found to monitor clipboards for cryptocurrrency payment addresses, swapping them for addresses controlled by the malware author.

The development follows the behavior of the CryptoShuffler malware discovered by Kaspersky in October 2017.
 
 
BLOG  


SGXPECTRE: Exposing Data From Intel Software Guard eXtensions (SGX) Enclaves

Researchers from Ohio State University announced an attack to expose data from Intel's Software Guard eXtensions (SGX) Enclaves.

Though the attack is different in implementation from the previous Meltdown and Spectre vulnerabilities, the information retrieval from protected areas of Intel chips is similar, so the attack has been dubbed SGXPECTRE
 
 
BLOG  


Github, Dropbox and Google Used to Deliver ShortJSRAT

Cloud security vendor, Netskope released an analysis of a ShortJSRAT infection chain that uses a Google URL shortener link, as well as Dropbox and Github payload storage.

The use of cloud infrastructure is designed to aid in attack resilience, and help make the attack difficult to detect.
 
 
BLOG  


Cryptomining Behind Most Remote Code Execution Attacks

Cyber security firm Imperva claims in a February 20, 2018 blog post that the goal of 90 percent of remote code execution attacks in December 2017 is cryptomining malware or cryptojackers.

Many of the cryptominers are mining Monero as it can be mined with a regular CPU.

 
 
BLOG  


Adobe Acrobat Reader DC Document ID Remote Code Execution Vulnerability

A stack overflow in Acrobat Reader's handling of the Document ID field has been announced. The vulnerability can be exploited via a JavaScript form in an attack PDF.
 
 
BLOG  


Business Email Compromise Attacks Actively Targeting Fortune 500 Companies

Business Email Compromise (BEC) attacks involve forgoing malware attachments, instead using spam messages to target the user.

The goal of Business Email Compromise attacks is to harvest credentials for further attack, or to trick the recipient into initiating a money transfer.
 
 
BLOG  


Exposed Cloud Storage Buckets Leak Private Data and Open to Ransomware Attack

The BBC is reporting that Security Researchers have posting warning messages in exposed Amazon buckets. Exposed buckets have played a role in data leaks from Uber, Verizon, the WWE, Booz Allen Hamilton, and Dow Jones in the last 18 months.

Kevin Beaumont added that these exposed buckets are a ransomware attack waiting to happen.
 
 
BLOG  


Internet Explorer exposed via Microsoft Word's Online Video feature

Researchers at Votiro have discovered that Microsoft Word's Online Video feature actually spawns an encapsulated iexplore.exe process.

This means that a user opening a Word document and intending to watch an embedded video could expose themselves to a variety of Internet Explorer exploitive and cryptojacking type attacks accessed via JavaScript.
 
 
BLOG  


Deep Neural Networks for Bot Detection

Researchers have used contextual long short-term memory (LSTM) and deep neural networks to detect bots at the tweet level using both content of the message and metadata about the user.
 
 
BLOG  


Google Finds Fundamental Bypass Technique in Microsoft Edge

Google Project Zero has disclosed a way to bypass the Arbitrary Code Guard(ACG) found in Microsoft Windows 10 via the Edge browser.

The attack involves predicting which address the JIT process is going to call VirtualAllocEx().
 
 
BLOG  


Security Flaw in Skype Grants Attacker Grants Attacker System-level Access

Security researcher Stefan Kanthak discovered that the Skype updater could be exploited with DLL hijacking, allowing the attacker to execute a malicious DLL rather than the correct one.
 
 
BLOG  


Details of AI Threat Detection from Microsoft Windows Defender Research

Microsoft highlights their use of Artificial Intelligence(AI), and Machine Learning(ML), to detect a February 3, 2018 outbreak of the Emotet virus. Their use of gradient boosting, ensemble models, feature vectors, and client-side and cloud machine learning models are discussed.
 
 
BLOG  


Olympic Destroyer Malware Attempts to Shut Down Pyeongchang Games

Researchers at Cisco have discovered that the malware responsible for the Pyeongchang Olympic games opening ceremony contained browser credential stealers and disk wipers.
 
 
BLOG  


Hacker Group Runs Debian Linux on Nintendo Switch

Hacker group fail0verflow claims it has found a way to run Debian Linux on the Nintendo Switch. According to fail0verflow, there is a flaw in the Nvidia Tegra X1 system-on-a-chip boot ROM. Since the boot ROM is stored on the read only chip at manufacture time, there is no way for Nintendo or Nvidia to patch the vulnerability.
 
 
BLOG  


Cyber Attacks Targeting Pyeongchang Olympics in Korean Have Begun

Cyber attacks agains organisations involved in Pyeongchang Olympics have begun according to McAfee. The attack dubbed Gold Dragon installs fileless implants with the goal of data exfiltration. The attack specifically targets Korean language users, and the Hangul word processor which is common in Korea.
 
 
BLOG  


CrossRAT targets OSX, Linux, and Windows

CrossRAT provides the attacker to take screen shots, and run arbitrary programs.
 
 
BLOG  


OilRig IIS Backdoor found on Middle Eastern gov, fin, and edu computers.

Researchers at PaloAlto Networks found an IIS backdoor called RGDoor installed on government, financial, and educational webservers with the intent of providing access if main backdoors are removed.
 



Next Page






HOME     SIGN UP     CONTACT US