RSS FEEDS

RSS FEEDS

RSS FEEDS

Feeds from around the web…

We have curated a number of RSS feeds so that you can keep informed about latest developments such malware outbreaks.

Please note that these feeds are not produced by MetrixCloud, so use your judgement when reading them. Also, MetrixCloud does not endorse any of the companies providing the information.

SecurityWeek RSS Feed Latest IT Security News and Expert Insights Via RSS Feed

  • ATM robber WinPot: a slot machine instead of cutlets
    by Konstantin Zykov on 19th February 2019 at 11:00 am

    In March 2018, we came across a fairly simple but effective piece of malware named WinPot. It was created to make ATMs by a popular ATM vendor to automatically dispense all cash from their most valuable cassettes. We called it ATMPot. […]

  • DNS Manipulation in Venezuela in regards to the Humanitarian Aid Campaign
    by GReAT on 13th February 2019 at 1:42 pm

    This website for volunteers in Venezuela appeared online on February 6th. Only a few days later, on February 11th, the day after the public announcement of the initiative, another almost identical website appeared with a very similar domain name and […]

  • DDoS Attacks in Q4 2018
    by Oleg Kupreev on 7th February 2019 at 10:00 am

    For the third quarter in a row, the Top 10 ratings of countries by number of attacks, targets, and botnet C&C servers continue to fluctuate. Growth in DDoS activity is strongest where previously it was relatively low, while the once-dominant […]

  • Chafer used Remexi malware to spy on Iran-based foreign diplomatic entities
    by Denis Legezo on 30th January 2019 at 10:00 am

    Throughout the autumn of 2018 we analyzed a long-standing (and still active at that time) cyber-espionage campaign that was primarily targeting foreign diplomatic entities based in Iran. The attackers were using an improved version of Remexi in what […]

  • Razy in search of cryptocurrency
    by Victoria Vlasova on 24th January 2019 at 12:00 pm

    Last year, we discovered malware that installs a malicious browser extension on its victim’s computer or infects an already installed extension. To do so, it disables the integrity check for installed extensions and automatic updates for the […]

  • GreyEnergy’s overlap with Zebrocy
    by Kaspersky Lab ICS CERT on 24th January 2019 at 9:00 am

    We have identified an overlap between GreyEnergy, which is believed to be a successor to BlackEnergy group, and a Sofacy subset called “Zebrocy”. Both used the same servers at the same time and targeted the same organization. […]

  • A Zebrocy Go Downloader
    by GReAT on 11th January 2019 at 10:00 am

    The Sofacy subset we identify as “Zebrocy” continues to target Central Asian government related organizations, both in-country and remote locations, along with a new middle eastern diplomatic target. And, as predicted, they continue to […]

  • The world’s southernmost security conference
    by Dmitry Bestuzhev on 10th January 2019 at 10:00 am

    In November I had the privilege of participating in a conference that can rightfully be labelled the world's southernmost. It is called "Patagonia Hacking" and it is organized in the Chilean city of Punta Arenas […]

Threatpost | The first stop for security news The First Stop For Security News

SecuriTeam Blogs We pay more for vulnerabilities

  • beVX Conference Challenge – HiTB
    by SSD / Noam Rathaus on 22nd June 2018 at 11:30 am

    During the event of Hack In the Box, we launched an ARM reverse engineering and exploitation challenge and gave the attendees the change to win great prizes. The challenge was divided into two parts, a file – can be downloaded from here: […]

  • I run this SOC!
    by dmitryc on 5th September 2017 at 7:35 pm

    I don’t actually run this SOC (or any other) 🙂 But…but, as a certified “blue team” member, I’m pretty excited with the crop of new companies and ideas that are springing up in the area of SOC analysis, […]

  • Hack2Win – Code Blue 3rd Edition
    by SSD / Research Team on 21st August 2017 at 6:26 am

    Hi everyone, We are excited to announce our 3rd Hack2Win Code Blue competition! This year we have changed the format, raised the difficulty level and increased the prizes. The goal of the event is to find who can gain the highest privileges on any […]

  • Know your community – Celil ÜNÜVER
    by SSD / Research Team on 24th July 2017 at 9:57 am

    Bug Bounty hunter – found and reported vulnerabilities in Microsoft, Apple, Adobe, IBM, Novell and more, Co-Founder of TRAPMINE and SignalSEC, Founder of NOPCon, speaker at PoC / Code Blue / Swiss Cyber Storm / CONFidence and more – […]

  • SSD Advisory – HTC Sync Remote Code Execution
    by SSD / Research Team on 27th February 2017 at 10:19 am

    Vulnerabilities Summary The following advisory describes a remote code execution (RCE) found in HTC Sync version v3.3.63. Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure […]

  • HITCON Taiwan 2016
    by SSD / Research Team on 7th December 2016 at 12:14 pm

    On the 1-2 December 2016 we had the honor for the first time to sponsor HITCON and visit Taiwan. Our adventure started in November 30th when Noam and I landed in Taipei and we had half a day to sightseeing and set up our booth at the conference […]

  • SSD Advisory – Teco SG2 and TP3 Vulnerabililites
    by SSD / Noam Rathaus on 4th July 2016 at 12:58 pm

    Vulnerabilities Description Multiple vulnerabilities have been found in Teco’s SG2 and TP3 product, these vulnerabilities allows attackers that are able to supply the products with a specially crafted file to cause it to execute arbitrary […]

  • Using Machine Learning To Detect Anomalies
    by dmitryc on 21st December 2015 at 10:07 pm

    I’m going to start blogging more about detection of protocol/app anomalies, detection of lateral movement and/or data exfiltration, and more. For many years I have been watching users and applications furrow their way across networks and […]

Threat encyclopedia changes New and Updated antimalware definitions

  • Trojan:PDF/Sonbokli.A!cl
    on 15th January 2019 at 2:00 am

    Alert Level severe Category Trojan Protection starting from: 1.275.752.0 […]

  • Trojan:Win32/Spursint.P!cl
    on 12th January 2019 at 9:21 am

    Alert Level severe Category Trojan Protection starting from: 1.249.641.0 […]

+ Security Week

SecurityWeek RSS Feed Latest IT Security News and Expert Insights Via RSS Feed

+ SecureList (Kaspersky)
  • ATM robber WinPot: a slot machine instead of cutlets
    by Konstantin Zykov on 19th February 2019 at 11:00 am

    In March 2018, we came across a fairly simple but effective piece of malware named WinPot. It was created to make ATMs by a popular ATM vendor to automatically dispense all cash from their most valuable cassettes. We called it ATMPot. […]

  • DNS Manipulation in Venezuela in regards to the Humanitarian Aid Campaign
    by GReAT on 13th February 2019 at 1:42 pm

    This website for volunteers in Venezuela appeared online on February 6th. Only a few days later, on February 11th, the day after the public announcement of the initiative, another almost identical website appeared with a very similar domain name and […]

  • DDoS Attacks in Q4 2018
    by Oleg Kupreev on 7th February 2019 at 10:00 am

    For the third quarter in a row, the Top 10 ratings of countries by number of attacks, targets, and botnet C&C servers continue to fluctuate. Growth in DDoS activity is strongest where previously it was relatively low, while the once-dominant […]

  • Chafer used Remexi malware to spy on Iran-based foreign diplomatic entities
    by Denis Legezo on 30th January 2019 at 10:00 am

    Throughout the autumn of 2018 we analyzed a long-standing (and still active at that time) cyber-espionage campaign that was primarily targeting foreign diplomatic entities based in Iran. The attackers were using an improved version of Remexi in what […]

  • Razy in search of cryptocurrency
    by Victoria Vlasova on 24th January 2019 at 12:00 pm

    Last year, we discovered malware that installs a malicious browser extension on its victim’s computer or infects an already installed extension. To do so, it disables the integrity check for installed extensions and automatic updates for the […]

  • GreyEnergy’s overlap with Zebrocy
    by Kaspersky Lab ICS CERT on 24th January 2019 at 9:00 am

    We have identified an overlap between GreyEnergy, which is believed to be a successor to BlackEnergy group, and a Sofacy subset called “Zebrocy”. Both used the same servers at the same time and targeted the same organization. […]

  • A Zebrocy Go Downloader
    by GReAT on 11th January 2019 at 10:00 am

    The Sofacy subset we identify as “Zebrocy” continues to target Central Asian government related organizations, both in-country and remote locations, along with a new middle eastern diplomatic target. And, as predicted, they continue to […]

  • The world’s southernmost security conference
    by Dmitry Bestuzhev on 10th January 2019 at 10:00 am

    In November I had the privilege of participating in a conference that can rightfully be labelled the world's southernmost. It is called "Patagonia Hacking" and it is organized in the Chilean city of Punta Arenas […]

+ Threat Post (Kaspersky)

Threatpost | The first stop for security news The First Stop For Security News

+ SecuriTeam

SecuriTeam Blogs We pay more for vulnerabilities

  • beVX Conference Challenge – HiTB
    by SSD / Noam Rathaus on 22nd June 2018 at 11:30 am

    During the event of Hack In the Box, we launched an ARM reverse engineering and exploitation challenge and gave the attendees the change to win great prizes. The challenge was divided into two parts, a file – can be downloaded from here: […]

  • I run this SOC!
    by dmitryc on 5th September 2017 at 7:35 pm

    I don’t actually run this SOC (or any other) 🙂 But…but, as a certified “blue team” member, I’m pretty excited with the crop of new companies and ideas that are springing up in the area of SOC analysis, […]

  • Hack2Win – Code Blue 3rd Edition
    by SSD / Research Team on 21st August 2017 at 6:26 am

    Hi everyone, We are excited to announce our 3rd Hack2Win Code Blue competition! This year we have changed the format, raised the difficulty level and increased the prizes. The goal of the event is to find who can gain the highest privileges on any […]

  • Know your community – Celil ÜNÜVER
    by SSD / Research Team on 24th July 2017 at 9:57 am

    Bug Bounty hunter – found and reported vulnerabilities in Microsoft, Apple, Adobe, IBM, Novell and more, Co-Founder of TRAPMINE and SignalSEC, Founder of NOPCon, speaker at PoC / Code Blue / Swiss Cyber Storm / CONFidence and more – […]

  • SSD Advisory – HTC Sync Remote Code Execution
    by SSD / Research Team on 27th February 2017 at 10:19 am

    Vulnerabilities Summary The following advisory describes a remote code execution (RCE) found in HTC Sync version v3.3.63. Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure […]

  • HITCON Taiwan 2016
    by SSD / Research Team on 7th December 2016 at 12:14 pm

    On the 1-2 December 2016 we had the honor for the first time to sponsor HITCON and visit Taiwan. Our adventure started in November 30th when Noam and I landed in Taipei and we had half a day to sightseeing and set up our booth at the conference […]

  • SSD Advisory – Teco SG2 and TP3 Vulnerabililites
    by SSD / Noam Rathaus on 4th July 2016 at 12:58 pm

    Vulnerabilities Description Multiple vulnerabilities have been found in Teco’s SG2 and TP3 product, these vulnerabilities allows attackers that are able to supply the products with a specially crafted file to cause it to execute arbitrary […]

  • Using Machine Learning To Detect Anomalies
    by dmitryc on 21st December 2015 at 10:07 pm

    I’m going to start blogging more about detection of protocol/app anomalies, detection of lateral movement and/or data exfiltration, and more. For many years I have been watching users and applications furrow their way across networks and […]

+ Malware Protection Center (Microsoft)

Threat encyclopedia changes New and Updated antimalware definitions

  • Trojan:PDF/Sonbokli.A!cl
    on 15th January 2019 at 2:00 am

    Alert Level severe Category Trojan Protection starting from: 1.275.752.0 […]

  • Trojan:Win32/Spursint.P!cl
    on 12th January 2019 at 9:21 am

    Alert Level severe Category Trojan Protection starting from: 1.249.641.0 […]