Security News

Elastic, the company behind Elasticsearch, the most widely used enterprise search engine, and the Elastic Stack, today announced that it has decided to make core security features of the Elastic Stack free and accessible to all users.

ELK Stack or Elastic Stack is a collection of three powerful open source projects—Elasticsearch, Logstash, and Kibana—that many large and small companies are using to format, search, analyze, and visualize a large amount of data in real time.

In recent months, we have seen how thousands of insecure, poorly configured Elasticsearch and Kibana servers have left millions of users' sensitive data exposed on the Internet.

Since the free version of Elastic Stack by default does not have any authentication or authorization mechanism, many developers and administrators fail to properly implement important security features manually.

Project Zero’s team mission is to “make zero-day hard”, i.e. to make it more costly to discover and exploit security vulnerabilities. They primarily achieve this by performing their own security research, but at times they also study external instances of zero-day exploits that were discovered “in the wild”. These cases provide an interesting glimpse into real-world attacker behavior and capabilities, in a way that nicely augments the insights they gain from their own research.
Today, they shared their tracking spreadsheet for publicly known cases of detected zero-day exploits, in the hope that this can be a useful community resource:


Spreadsheet link: 0day “In the Wild”
The data described in the spreadsheet is nothing new, but they think that collecting it together in one place is useful.
For example, it shows that:


Emsisoft has released a decryptor for the MegaLocker and NamPoHyu ransomware that has been targeting exposed Samba servers. Victims can now use this decryptor to recover their files for free.

Last month we reported that MegaLocker and NamPoHyu ransomware infections were targeting exposed Samba servers and encrypting their data remotely. At that time we stated that users should not pay the ransom, as a method to decrypt the files may have been discovered.

We are happy to announce that a decryptor is now available from Emsisoft that can decrypt the files of MegaLocker and NamPoHyu victims for free.


Europol announced the shutdown of two prolific dark web marketplaces—Wall Street Market and Silkkitie (also known as Valhalla)—in simultaneous global operations against underground websites for trading drugs, stolen credit card numbers, malicious software, and other illegal goods.

Police in western Germany have also arrested three men who were allegedly running Wall Street Market, the world’s second largest dark marketplace with more than a million users and 5,400 vendors.

Besides this, the operation involving Europol, Dutch police, and the FBI also led to the arrests of two major suppliers of narcotics via the Wall Street Market site in Los Angeles, the United States.

According to Europol, the police officers seized the computers used to run the illegal marketplace, along with more than €550,000 in cash, more than €1 million in Bitcoin and Monero cryptocurrencies, expensive cars, and other evidence.


More than 60,000 stolen digital profiles are currently up for sale on Genesis Store, a private and invitation-only online cybercriminal market discovered and exposed by Kaspersky Lab researchers.

“The profiles include: browser fingerprints, website user logins and passwords, cookies, credit card information. The price varies from 5 to 200 dollars per profile – it heavily depends on the value of the stolen information,” said the researchers.

A digital fingerprint is a complex collection of system properties (up to 100 attributes, including IP addresses, screen size, device ID, timezone, GPU/CPU info, cookies, and many others) and user behavioral characteristics that can range from the user's interests and custom system configuration changes to the time spent on specific websites and mouse movement behavior.
