Hacker News
- Operation Triangulation: What you get when attack iPhones of researchers https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/ 399 comments
- How to catch a wild triangle https://securelist.com/operation-triangulation-catching-wild-triangle/110916/ 43 comments
- Free Download Manager backdoored – a possible supply chain attack on Linux https://securelist.com/backdoored-free-download-manager-linux-malware/110465/ 127 comments
- Bad magic: new APT found in the area of Russo-Ukrainian conflict https://securelist.com/bad-magic-apt/109087/ 2 comments
- MoonBounce: The dark side of UEFI firmware https://securelist.com/moonbounce-the-dark-side-of-uefi-firmware/105468/ 36 comments
- RansomEXX Trojan attacks Linux systems https://securelist.com/ransomexx-trojan-attacks-linux-systems/99279/ 34 comments
- DarkPulsar https://securelist.com/darkpulsar/88199/ 60 comments
- Introducing WhiteBear https://securelist.com/introducing-whitebear/81638/ 2 comments
- xDedic – the shady world of hacked servers for sale https://securelist.com/blog/research/75027/xdedic-the-shady-world-of-hacked-servers-for-sale/ 17 comments
- The MiniDuke Mystery: PDF 0-day Government Spy Assembler 0x29A Micro Backdoor https://www.securelist.com/en/blog/208194129/The_MiniDuke_Mystery_PDF_0_day_Government_Spy_Assembler_Micro_Backdoor 30 comments
- Hotmail: Your password was too long, so we fixed it for you http://www.securelist.com/en/blog/208193844/Hotmail_Your_password_was_too_long_so_we_fixed_it_for_you 51 comments
- CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit https://securelist.com/cosmicstrand-uefi-firmware-rootkit/106973/ 4 comments reverseengineering
- MoonBounce: UEFI Malware https://securelist.com/moonbounce-the-dark-side-of-uefi-firmware/105468/ 3 comments reverseengineering
- RansomEXX Trojan attacks Linux systems - recently discovered a new file-encrypting Trojan built as an ELF executable and intended to encrypt data on machines controlled by Linux-based operating systems. https://securelist.com/ransomexx-trojan-attacks-linux-systems/99279/ 16 comments linux
- (Kaspersky) MosaicRegressor: Lurking in the Shadows of UEFI https://securelist.com/mosaicregressor/98849/ 5 comments hardware
- Chrome 0-day exploit https://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/ 171 comments programming
- Leaking ads https://securelist.com/leaking-ads/85239/ 2 comments netsec
- Lesson almost learned: how not to use a driver to execute code with kernel privileges https://securelist.com/elevation-of-privileges-in-namco-driver/83707/ 4 comments lowlevel
- Bad Rabbit ransomware technical dive https://securelist.com/bad-rabbit-ransomware/82851/ 5 comments netsec
- Windows zero-day exploit used in targeted attacks by FruityArmor APT https://securelist.com/blog/research/76396/windows-zero-day-exploit-used-in-targeted-attacks-by-fruityarmor-apt/ 8 comments programming
- Adwind: A cross-platform, multifunctional backdoor,written in Java ,can run on Windows, Mac OS, Linux and Android OS. https://securelist.com/blog/research/73660/adwind-faq/ 2 comments java
- Cross Platform Firefox back door. (not mine) https://securelist.com/blog/research/73503/from-linux-to-windows-new-family-of-cross-platform-desktop-backdoors-discovered/ 8 comments netsec
- Perhaps the most powerful tool in the Equation group's arsenal is a mysterious module known only by a cryptic name: "nls_933w.dll". It allows them to reprogram the hard drive firmware of over a dozen different hard drive brands, including Seagate, Western Digital, Toshiba, Maxtor and IBM. https://securelist.com/blog/research/68750/equation-the-death-star-of-malware-galaxy/ 8 comments technology
- [PDF] by Kaspersky Lab, Equation Group: Questions and Answers https://securelist.com/files/2015/02/equation_group_questions_and_answers.pdf 13 comments netsec
- Equation: The Death Star of Malware Galaxy http://securelist.com/blog/research/68750/equation-the-death-star-of-malware-galaxy/ 3 comments netsec
- The Darkhotel APT | posted by securelist and deleted immediatly[pdf] https://securelist.com/files/2014/11/darkhotel_kl_07.11.pdf 11 comments netsec
- How I hacked my home https://securelist.com/analysis/publications/66207/iot-how-i-hacked-my-home/ 8 comments netsec
- Analysis of the BlackHole Exploit Kit https://www.securelist.com/en/analysis/204792303/filling_a_blackhole?print_mode=1 6 comments netsec
- Loophole in Safari: doesn’t encrypt previous sessions and it stores them in a standard plist file that is freely accessible making it easy to find a user’s login credentials http://www.securelist.com/en/blog/8168/loophole_in_safari 6 comments technology
- Researchers discover the world’s most sophisticated Android Trojan. http://www.securelist.com/en/blog/8106/the_most_sophisticated_android_trojan 5 comments technology
- The tale of one thousand and one DSL modems. http://www.securelist.com/en/blog/208193852/the_tale_of_one_thousand_and_one_dsl_modems 5 comments netsec
- Challenge - break the encrypted payload in the Gauss trojan http://www.securelist.com/en/blog/208193781/the_mystery_of_the_encrypted_gauss_payload 10 comments programming
- Kaspersky Lab: New "Gauss" virus simlar to Flame and Stuxnet aimed at stealing Lebanese customers' bank info discovered. http://www.securelist.com/en/blog/208193767/gauss_nation_state_cyber_surveillance_meets_banking_trojan 7 comments worldnews
- Gauss: Nation-state cyber-surveillance meets banking Trojan http://www.securelist.com/en/blog/208193767/gauss_nation_state_cyber_surveillance_meets_banking_trojan 14 comments netsec
- Conclusive link found between Flame and Stuxnet http://www.securelist.com/en/blog?weblogid=208193568 66 comments netsec
- Man figures out how newest stuxnet computer virus logs on to domain for new instructions - creates fake target domain-receives logins from over 600,000 different computers in 24hrs. here's a map of where they are (hint:the target is NOT iran). http://www.securelist.com/en/blog/208193441/flashfake_mac_os_x_botnet_confirmed 12 comments politics
- The Mystery of the Duqu Framework http://www.securelist.com/en/blog/667/the_mystery_of_the_duqu_framework 8 comments programming
- The malware detected by Kaspersky Anti-Virus as TDSS is the most sophisticated threat today http://www.securelist.com/en/analysis/204792180/tdl4_top_bot 71 comments netsec
- Apple's silent updates http://www.securelist.com/en/blog/6141/apple_s_silent_updates 5 comments apple