Ax Sharma
Author Bio
Ax Sharma is an Indian-origin British security researcher and journalist focused on malware analyses and cybercrime investigations. His areas of expertise include open source software security, threat intel analysis, and reverse engineering. Frequently featured by leading media outlets like the BBC, Channel 5, Fortune, WIRED, among others, Ax is an active community member of the OWASP Foundation and the British Association of Journalists (BAJ).
Send any tips via email or Twitter DM.
-
Sneaky Doki Linux malware infiltrates Docker cloud instances
Attackers are targeting misconfigured cloud-based docker instances running on Linux distributions with an undetectable strand of malware.
- July 29, 2020
- 05:13 PM
-
0
-
5 severe D-Link router vulnerabilities disclosed, patch now
5 severe D-Link vulnerabilities have been disclosed that could allow an attacker to take complete control over a router without needing to login.
- July 24, 2020
- 08:15 AM
-
1
-
D-Link blunder: Firmware encryption key exposed in unencrypted image
The router manufacturer leaks encryption keys in some firmware versions letting reverse engineers decrypt the latest firmware images.
- July 22, 2020
- 12:01 PM
-
4
-
Windows 10 Store 'wsreset' tool lets attackers bypass antivirus
A technique that exploits Windows 10 Microsoft Store called 'wsreset.exe' can delete files to bypass antivirus protection on a host without being detected.
- July 20, 2020
- 11:12 AM
-
3
-
New phishing campaign abuses a trio of enterprise cloud services
A new phishing campaign uses a trio of enterprise cloud services, Microsoft Azure, Microsoft Dynamics, and IBM Cloud, as part of an attempt to steal your login credentials.
- July 18, 2020
- 10:11 AM
-
0
-
Zoom fixes zero-day RCE bug affecting Windows 7, more updates soon
The Zoom web conference Client contained a zero-day vulnerability that could have allowed attackers to execute commands on vulnerable systems remotely.
- July 11, 2020
- 03:20 PM
-
0
-
First look: Microsoft's Project Freta detects Linux malware for free
Microsoft Research has announced a cloud-based malware detection service called Project Freta to detect rootkits, cryptominers, and previously undetected malware strains lurking in your Linux cloud VM images.
- July 08, 2020
- 12:34 PM
-
1
-
.NET Core vulnerability lets attackers evade malware detection
A vulnerability in the .NET Core library allows malicious programs to be launched while evading detection by security software.
- July 05, 2020
- 12:30 PM
-
0
-
Researchers link APT15 hackers to Chinese military company
Researchers have linked the APT15 hacking group known for Android spyware apps to a Chinese military company, Xi'an Tian He Defense Technology Co. Ltd.
- July 02, 2020
- 12:11 PM
-
0
-
Clever Phishing scam targets websites with free DNSSEC offer
A very clever phishing campaign targets bloggers and website owners with emails pretending to be from their hosting provider who wants to upgrade their domain to use secure DNS (DNSSEC).
- June 30, 2020
- 12:46 PM
-
0
-
How public safety systems can be abused by nation state actors
Open systems, open data, and open-source software provide a means to promote greater transparency, public trust, and user participation. But what happens when adversaries can abuse the same systems?
- June 30, 2020
- 03:30 AM
-
0
-
Why certain characters "glitch" Gmail, YouTube, and Twitter
Have you ever used Twitter, Gmail, or YouTube and noticed odd characters being displayed vertically overlay other text on the page or break out UI boundaries? If so and have wondered how this is happening, we dive into the wonderful world of Unicode that causes this behavior.
- June 28, 2020
- 11:24 AM
-
0
-
GeoVision access control devices let hackers steal fingerprints
GeoVision, a Taiwanese fingerprint scanner, access control, and surveillance tech manufacturer, fixed critical vulnerabilities in their devices that could be abused by hackers and nation-state threat actors.
- June 27, 2020
- 02:54 PM
-
0
-
Almost 300 Windows 10 executables vulnerable to DLL hijacking
A simple VBScript may be enough to allow users to gain administrative privileges and bypass UAC entirely on Windows 10.
- June 27, 2020
- 10:05 AM
-
0
-
Twitter discloses billing info leak after 'data security incident'
Twitter has disclosed a 'Data Security Incident' that caused the billing information for Twitter advertisers to be stored in the browser's cache. This bug would have allowed other users on the computer to see this data.
- June 23, 2020
- 09:57 AM
-
0
1
.jpg)
