Security Alerts & News
by Tymoteusz A. Góral

History
#1898 Uncovering the inner workings of EyePyramid
Two Italians referred to as the “Occhionero brothers” have been arrested and accused of using malware and a carefully-prepared spear-phishing scheme to spy on high-profile politicians and businessmen. This case has been called “EyePyramid”, which we first discussed last week. (Conspiracy theories aside, the name came from a domain name and directory path that was found during the research.)

The court order was published by AGI, an Italian news agency, around noon on January 11. It (surprisingly) contains multiple technical details which we used to bootstrap our initial analysis. This post builds on the details of the case to provide a more complete and in-depth view of the activities of this campaign.
Read more
#1902 Dutch developer added backdoor to websites he built, phished over 20,000 users
#1901 Ukraine's power outage was a cyber attack: Ukrenergo
#1900 GCHQ encourages teenage girls to become cybersecurity professionals of the future
#1899 Project Zero finds XSS bug in auto-installed Adobe Acrobat Chrome extension
#1898 Uncovering the inner workings of EyePyramid
#1897 Oracle's monster security update: 270 fixes and over 100 remotely exploitable flaws
#1896 Newly discovered Mac malware found in the wild also works well on Linux
#1895 EITest nabbing Chrome ssers with a “Chrome Font” social engineering scheme
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12