Browsing category

Malware

How did the WannaCry Ransomworm spread?

Security researchers have had a busy week since the WannaCry ransomware outbreak that wreaked havoc on computers worldwide. News of the infection and the subsequent viral images showing everything from large display terminals to kiosks being affected created pandemonium in ways that haven’t been seen since possibly the MyDoom worm circa 2004. News organizations and […]

Windows XP PCs infected by WCry can be decrypted without paying ransom

Decryption tool is of limited value, because XP was unaffected by last week’s worm. Owners of some Windows XP computers infected by the WCry ransomware may be able to decrypt their data without making the $300 to $600 payment demand, a researcher said Thursday. Adrien Guinet, a researcher with France-based Quarkslab, has released software that […]

People Are Photoshopping WannaCry Ransom Notes on Everything with a Screen

Yes, WannaCry is horrible. It locked people’s files and ruined businesses all over the world. With that being said, that doesn’t mean people can’t have fun with it. Over the last few days, a new Internet meme has become popular among infosec professionals, and that’s the act of photoshopping the WannaCry ransom note on anything […]

Fake WhatsApp.com URL gets users to install adware

Next time someone links you to whatsapp.com, make sure you take a second look. There’s some adware currently circulating around the web that tricks users into visiting a ‘шһатѕарр.com’ domain instead. Yes, those are different URLs – the fake URL uses characters from the Cyrillic alphabet. As spotted by redditor u/yuexist, the site promises to let […]

Vault7 – WikiLeaks published documentation for AfterMidnight and Assassin malware

WikiLeaks reveals two distinct malware platforms, codenamed AfterMidnight and Assassin, used by CIA operators to target Windows systems. While critical infrastructure worldwide and private organizations were ridiculed by the WannaCry attack, WikiLeaks released a new batch of CIA documents from the Vault 7 leaks. The new dump included the documentation related to two CIA frameworks used to create […]

Honeypot Server Gets Infected with WannaCry Ransomware 6 Times in 90 Minutes

The WannaCry ransomware — also known as WCry, Wana Decrypt0r, WannaCrypt, and WanaCrypt0r — infected a honeypot server made to look like a vulnerable Windows computer six times in the span of 90 minutes, according to an experiment carried out by a French security researcher who goes online by the name of Benkow. During one […]

New Jaff Ransomware Part of Active Necurs Spam Blitz

A new malware family called Jaff has been identified by researchers who say they are currently tracking multiple massive spam campaigns distributing the malware via the Necurs botnet. “It came out of nowhere with a huge bang,” Cisco Talos researchers said Friday. In the last 24 hours, the firm has observed several large-scale email campaigns […]

WCry is so mean Microsoft issues patch for 3 unsupported Windows versions

Decommissioned for years, Windows XP, 8, and Server 2003 get emergency update. A day after a ransomware worm infected 75,000 machines in 100 countries, Microsoft is taking the highly unusual step of issuing patches that immunize Windows XP, 8, and Server 2003, operating systems the company stopped supporting as many as three years ago. The […]

Keylogger Found in Audio Driver of HP Laptops

The audio driver installed on some HP laptops includes a feature that could best be described as a keylogger, which records all the user’s keystrokes and saves the information to a local file, accessible to anyone or any third-party software or malware that knows where to look. Swiss cyber-security firm modzero discovered the keylogger on […]

News Brief: BitKangoroo Ransomware Deletes Your Files If You Do not Pay

I am trying something new where I will post in brief articles about new ransomware as they are released. Many of these ransomware infections do not warrant a full article, but I feel it’s important to quickly get the word out about new techniques or variants as we discover them. In our first ransomware in brief article, […]

NemeS1S RaaS Is PadCrypt Ransomware’s Affiliate System

A portal hidden on the Dark Web is responsible for the small deluge of recent PadCrypt ransomware versions that have been spotted almost on a monthly basis in the past year. Besides infosec experts tracking ransomware evolution, very few people know that PadCrypt is one of the most active and well-maintained ransomware variants encountered in […]

Malwaresearch – A command line tool to find malware on Openmalware.org

Malwaresearch is a command line tool to find malware on Openmalware.org. It was developed to facilitate and speed up the process of finding and downloading malware samples via the command line interface. We’ve made use of the API provided by […]

FrozrLock Ransomware Advertised on the Dark Web As “Great Security Tool”

A new Ransomware-as-a-Service has become available on the Dark Web, named FrozrLock, available for only $220, and advertised under the tagline of “great security tool that encrypts most of your files in several minutes.” Bleeping Computer received a tip about FrozrLock’s existence from security researcher David Montenegro, and with help from Avast security researcher Jakub […]

Leaked: The UK’s secret blueprint with telcos for mass spying on internet, phones – and backdoors

Real-time full-blown snooping with breakable encryption. The UK government has secretly drawn up more details of its new bulk surveillance powers – awarding itself the ability to monitor Brits’ live communications, and insert encryption backdoors by the backdoor. In its draft technical capability notices paper [PDF], all communications companies – including phone networks and ISPs […]

New Shodan Tool Can Find Malware Command and Control (C&C) Servers

Shodan and Recorded Future have launched today a search engine for discovering malware command-and-control (C&C) servers. Named Malware Hunter, this new tool is integrated into Shodan, a search engine for discovering Internet-connected devices. Malware Hunter works via search bots that crawl the Internet looking for computers configured to function as a botnet C&C server. In […]

IBM Warns Customers That Some of Its USB Flash Drives May Contain Malware

IBM issued a security alert last week, warning customers that some USB flash drives shipped with IBM Storwize products may contain malicious code. The USB flash drive is said to store the Initialization Tool for IBM Storwize, a big data storage system (rack-based disks system) for data centers. The part number of the infected […]

Intel Fixes 9-Year-Old CPU Flaw That Allows Remote Code Execution

Intel’s security team released a series of patches yesterday that fix a remote code execution (RCE) bug found in the Intel Management Engine (ME). The RCE bug affects Intel ME technologies such as Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT). All of these are technologies that allow […]

Malware Author Inflates Backdoor Trojan With Junk Data Hoping to Avoid Detection

A malware coder is injecting megabytes of junk data inside his malicious payloads, hoping to avoid detection by some antivirus solutions or delay investigations of infosec professionals. Known only as “123”, this malware coder has been active since 2015, when he was first spotted deploying the XXMM malware. His activity falls in the category of […]

Open Ports Create Backdoors in Millions of Smartphones

Mobile applications that open ports on Android smartphones are opening those phones to remote hacking, claims a team of researchers from the University of Michigan. Open ports are a well-known threat vector on servers, where administrators deploy security software with the primary purpose of shutting down or alerting the owner every time an unauthorized port […]