Finished Intelligence

In just five years, Xi Jinping has surprised everyone by altering the vector of China’s development to match his vision for a China that stands as a peer to the United States.  He has done this by methodically concentrating political, economic, and military power into his own hands so that he now stands alone as the supreme leader of China. Xi Jinping has proved different from his predecessors in many ways.  He has gained control over the Communist Party through a deep and wide-ranging…

SamSam is an example of manually controlled ransomware, which has been recently identified by researchers.[1] SamSam ransomware is unique in its nature due to targeted victims and large ransom demands. The ransomware has been active since December 2015, and large organizations, including the City of Atlanta, Colorado Department of Transportation, several hospitals and educational institutions, have been successfully…

Prvtzone[.]ws is a clear web marketplace and forum. The marketplace primarily sells stolen credit cards. In this forum, members (vendors and buyers) discuss the website purpose regarding stolen information. One seller, BuyBaseFactory (BBF), sells cards and stolen CC/CVV and dumps track 1 (TR1) and track 2 (TR2)[1] from the US, Europe, parts of South America and Africa.

Researchers have identified six vulnerabilities in the Antenna House Office Server Document Converter (OSDC).[1] Antenna House Office Server Document Converter is a product designed to convert Microsoft Office documents into PDF and SVG documents. The vulnerabilities are used to remotely execute code on a vulnerable system. The vulnerabilities identified are exploited to locally execute code, or can even be accomplished remotely,…

FastBooking, a Paris-based company that sells hotel booking software to more than 4,000 hotels in 100 countries, had all its data stolen this month by an unknown attacker. Hotel guest personally identifiable information (PII), travel dates and credit card information were taken. The breach took place on 14 June 2018 and took personal data in 58,003 leaks while credit card information was stolen in the remaining 66,960 cases.

Cybersecurity threats are always changing.  Threats that target businesses are malware, phishing, ID theft, Distributed Denial of Service (DDoS) attacks, software threats, data diddling, password attacks, Man-In-The-Middle (MITM) attacks, salami-slicing, IoT hacking, and cyber extortion.  These are the most common cyber threats that small business companies need to be protected against.  It is highly likely your business can reasonably prevent and mitigate many of these type…

Operation Prowli

Operation Prowli is a traffic manipulation and cryptocurrency mining campaign infecting a wide number of organizations in critical infrastructure sectors such as finance, education and government. This campaign spreads malware and malicious code to servers and websites and has compromised more than 40,000 machines in multiple areas of the world.

Impact

The malware has already hit more than 40,000 victim machines from over 9,000 businesses in various domains; to include finance,…

Patch Issued for Critical Adobe Flash Vulnerability

Adobe has released a security patch update for a critical vulnerability in its Flash Player software. The flaw is being actively exploited in targeted attacks against Windows users. Adobe Flash Player zero-day attacks have primarily been targeting users in the Middle East using a specially crafted Excel spreadsheet. The stack-based buffer overflow vulnerability, explained in CVE-2018-5002, impacts Adobe Flash Player 29.0.0.171 and earlier versions…

A month ago, Anonymous (Anon #OpUSA) cyber actors reported they caused service outages on the websites of various US Government agencies, to include Department of Defense agencies. These claims were alleged by showing service outages for the public-facing websites of these US federal agencies. The alleged outages were false. The false reports are likely intimidation and propaganda techniques against the US government. In December 2017, Anon #OpUSA organizers initiated a call for action to plan…

Summary

Wapack Labs highly recommends that any owner of small business or personal home office routers follow US government guidelines to power cycle (reboot) their devices. International bad actors have compromised hundreds of thousands of home and office routers and other networked devices. These bad actors use the VPNFilter malware to target small office and home office routers. This malware is able to perform multiple functions, including potential information collection, device…

The US Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a current technical alert on the North Korea-linked threat group known by the government name Hidden Cobra, or by the cyber security name Lazarus Group. The Lazarus Group is highly suspected of conducting numerous high-profile attacks; to include targeting Sony Pictures, Bangladesh’s Central Bank and various financial organizations. The Lazarus Group’s campaigns are traced as Operation…