Cybercrime

From malware and botnets to the latest cybercriminal schemes, check out what today’s black hat hackers are up to.


Analysis of “DirtyCow” Kernel Exploit

Key Takeaways: On October 20, 2016, Ars Technica published an article about a serious kernel-level Linux exploit which allows for local privilege escalation attacks. Red Hat Product Security has identified this exploit being used in the wild and addressed the apparent vulnerability caused by this exploit. Other Linux distribution operating systems are also in the […]


Current Trends in Mobile Threats Targeting Financial Services

Key Findings: Malware targeting credentials and payment information remains a major threat to mobile users. Call and SMS interception are in demand and support a variety of unauthorized retail and banking transactions. Calls and SMS Telephony Denial of Service (TDoS) are in demand; however, due to the excessive cost of the technique, they are only available […]


When Vulnerabilities Travel Downstream

CVEs Assigned to Upstream Devices Exploited by Mirai IoT Botnet

While investigating the recent large-scale DDoS attacks against targets including Krebs On Security and OVH, Flashpoint identified the primary manufacturer of the devices that utilize the default username and password combination known as root and xc3511, respectively. These types of credentials exist all across the […]


Pro-ISIS Jihadists Dabble in Encryption, Prove Under-Sophisticated

Jihadi actors have been experimenting with encrypted communication technologies since as early as 2008. Through the development of proprietary encrypted communication tools and the growing adoption of various cyber technologies, these actors have demonstrated an increased interest in obfuscating their digital fingerprints. This interest is underscored through discussions on top jihadi web forums, where members […]


“thedarkoverlord” Targets Finance in Next Wave of Extortion Attacks

Key Findings: On September 25, 2016, “thedarkoverlord,” a notorious threat actor behind the recent extortion attempts of several healthcare organizations, gained access to highly-sensitive information from WestPark Capital investment firm. The CEO of WestPark Capital refused the actor’s blackmail demands, and as a result, partial information was released to the public by thedarkoverlord. Flashpoint identified […]


Anatomy of Locky and Zepto Ransomware

The criminals behind the notorious Locky and Zepto ransomware spam campaigns continue to shift tactics in an effort to circumvent anti-virus detection. Recently, the cybercriminal syndicate has been leveraging obfuscated Windows Script Files (.wsf) and HTML Applications (.hta) inside a zip archive. Such files allow JScript, VBScript, and other scripting languages to execute. By using […]


Attack of Things!

By Flashpoint Analyst Team
September 17, 2016

This post was written in collaboration with Level 3 Threat Research Labs and was originally published to Beyond Bandwidth on August 25, 2016. The rush to connect everything to the internet is leaving millions of everyday products vulnerable and ripe for abuse. We’ve seen internet connectivity added to appliances, athletic clothing, pill bottles and even forks. Security, […]
