dcsimg

Caution: Misuse of security tools can turn against you

We have a saying in Greece: “They assigned the wolf to watch over the sheep.” In a security context, this is a word of caution about making sure the tools we use to keep our information private don’t actually cause the data leaks themselves. In this article, I will be talking about some cases that I have come across in which security tools have leaked data they were intended … [Read more...]

Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT

A variant of a remote code execution vulnerability with Internet Explorer’s scripting engine known as CVE-2018-8373 patched last August has been found in the wild. Looking at the IOCs posted by our colleagues at TrendMicro, we recognized the infrastructure serving this exploit. The same static domain has been active since at least early July, and is being redirected to from an adult website … [Read more...]