Browsing category

Malware

Hackers Selling HTTP Remote Access Trojan via Weaponized Word Documents in Underground Market

Cyber criminals are selling the Parasite HTTP RAT (Remote Access Trojan) on an underground marketplace; it is distributed to victims via email using weaponized Microsoft Office documents. Parasite HTTP is a professionally coded modular remote administration tool for Windows, written by its malware authors in the C programming language. It uses a technique called an extensive […]

Dangerous Underminer Exploit Kit Delivers a Cryptocurrency-mining Malware and Bootkit

A new exploit kit dubbed Underminer is spreading through advertising servers and delivers a bootkit that affects system boot sectors, along with cryptocurrency-mining malware called Hidden Mellifera. Underminer secures its malware transfers through encrypted Transmission Control Protocol (TCP) and packs the malware as read-only filesystem ROM files. Security researchers from Trend Micro detected the Underminer’s […]

PowerGhost Malware Remotely Attack Corporate Network Servers & Workstations using EternalBlue Exploit

Newly discovered PowerGhost malware is spreading across corporate networks, infecting both servers and workstations to illegally mine cryptocurrency and perform DDoS attacks. Cybercriminals are targeting a large number of corporate networks to mine cryptocurrency and launch DDoS attacks to generate huge profits. Enterprise networks should choose the best DDoS attack prevention services to ensure DDoS attack protection and prevent […]

Iranian Hacker Group Launch APT Attack on Government Organizations To Steal Email Data, Files & Credentials

A newly discovered APT cyber-espionage campaign called “Leafminer”, run by an Iranian hacker group, is targeting a wide range of government organizations to steal sensitive data such as email data, files and database server credentials. This APT group uses various attack tactics such as watering hole websites, vulnerability scans of network services on the internet, and […]

Hackers Distributing FELIXROOT Backdoor Malware using Microsoft Office Vulnerabilities

A newly discovered malware campaign is distributing the powerful FELIXROOT backdoor using Microsoft Office vulnerabilities to compromise victims’ Windows computers. The FELIXROOT backdoor campaign was initially discovered in September 2017, when it was distributed via malicious Ukrainian bank documents with a macro that downloads the backdoor from a C&C server. Currently, attackers are distributing weaponized lure documents that contain exploits for the Microsoft Office vulnerabilities CVE-2017-0199 and CVE-2017-11882 […]

New Clipboard Malware Monitors the Windows Clipboard for Cryptocurrency Addresses and Replace its Own Address

A new clipboard malware variant has been discovered that abuses users’ copy-paste habit: it checks the clipboard for a cryptocurrency wallet address and replaces it with its own wallet address. A cryptocurrency address is unique and difficult to remember, since it is a very long combination of letters and numbers. Whenever users copy something from their […]

Beware !! Hackers Deliver FlawedAmmyy RAT via Weaponized Microsoft Word and PDF Documents

Cybercriminals are spreading the powerful FlawedAmmyy RAT via weaponized Microsoft Word and PDF attachments to spy on victims’ devices and steal sensitive information remotely. Hackers always look out for legitimate programs or applications to evade detection and to execute code with minimal user interaction. Matt Nelson from SpecterOps recently published research on how attackers could abuse the “.SettingContent-ms” file […]

US-CERT Alerts Powerful Emotet Banking Malware Attack on Government, Private and Public Sectors

The US-CERT team issued an alert about an advanced Emotet banking malware attack that targets governments, private and public sectors in the most destructive way to steal various sensitive information. Emotet banking malware has been spreading continually since 2017, and it is one of the costly banking trojans that mainly affect territorial (SLTT) governments. Recent malware campaign […]

Dangerous macOS Backdoor That Steals User Login Credentials Remained Undetected for Years

A macOS backdoor dubbed Calisto remained under the radar of antivirus solutions for years. The malware was initially uploaded to VirusTotal back in 2016 and remained undetected until May 2018. Security researchers from Kaspersky spotted the macOS malware sample with suspiciously familiar features that include remote login, screen sharing and a hidden root account. […]

Prospective on the evolution of ransomware

This is a reflection exercise on the possible evolution of one of the most common information threats nowadays. Are ransomware threats the big deal that the media claim? Ransomware is a malware variant seen as part of a wave of fast attacks, which means it is fast in entrance and exit. Hackers don’t have to go through […]

DanaBot Banking Trojan Steal Private and Sensitive Information

A new phishing email campaign is targeting Australian customers with a fake standard MYOB-like HTML invoice template that contains FTP links pointing to compromised servers. In this new campaign, attackers used FTP links instead of the usual HTTP links, and most of the FTP sites are linked with Australian domains. The FTP links point to a […]

Advanced Mobile Malware Attack Against iPhones in India using MDM System Control

An advanced mobile malware campaign targeted 13 iPhone users in India, with the attacker using an open-source mobile device management (MDM) system to control the compromised devices. It is unclear how the attackers enrolled the targeted devices in order to manage them, and the researchers believe that it could have been performed via physical access […]

Hackers Distributing Anubis Malware via Google Play Store to Steal Login credentials, E-wallets, and Payment Cards Details

Anubis banking malware has re-emerged, and threat actors are distributing the malware through Google Play Store apps to steal login credentials for banking apps, e-wallets, and payment cards. Hackers are always finding new ways to bypass Google Play Store security and distribute malware via Android apps that act as the first step in an infection […]

B&B Hospitality Group restaurants infected with malware

Nine of the consortium's establishments have been compromised. The malware found at the B&B Hospitality Group (B&BHG) points of sale in the New York City area may have been used to access card payment data. The security breach occurred sometime between March 1, 2017 and May 8, 2018, affecting Del Posto, Babbo, Casa Mono, Becco, Otto […]

Sophisticated Spyware Attack on Military Mobile Devices to Record Phone Calls & Take a Picture

A few days ago, an Israeli security firm reported that Hamas cyber attackers installed sophisticated spyware on Israeli soldiers’ military mobile devices to collect various sensitive information such as military data. The spyware was distributed through fake World Cup and online dating apps, which were spread through the Google Play Store as legitimate apps. Apart from this […]