Malware

After Maryland and Florida, Georgia police suffer ransomware infection

Severe ransomware attacks against public institutions in the United States are becoming very common, IT security audit specialists say. From schools and libraries to public administration systems, incidents keep happening in cities such as Florida, New York, Louisiana, and more. Recently, U.S. authorities disclosed a ransomware attack on the Georgia State Patrol. Lt. Chris Stallings, head […]

Chinese Hackers Launching Zegost Malware to Attack Government Networks Via Weaponized MS Powerpoint

Researchers discovered a new campaign using the Zegost info-stealer malware, which is believed to originate from China-based threat actors who are targeting government networks in China. Zegost dates back to 2011; since then, attackers have updated it with various new functionalities and added new persistence capabilities and exploits to maintain access. Researchers believe that the malware only […]

Multistage Attack Delivers BillGates/Setag Backdoor to Turn Elasticsearch Servers into DDoS Botnet

A new multistage attack exploits Elasticsearch servers, using an old unpatched vulnerability to invoke a shell with a crafted query and encoded Java commands. The attack aims to deliver the BillGates/Setag backdoor to vulnerable Elasticsearch servers. The attack targets an already patched vulnerability in the Groovy scripting engine (versions 1.3.0 – 1.3.7 and 1.4.0 – 1.4.2) […]

Alabama schools are the target after Louisiana, Oklahoma, California, Ohio, Idaho, NY. Is ransomware making America great again?

Information security specialists say that there is an increasing number of cyberattack incidents in schools or government institutions in the U.S. Just yesterday, a cybersecurity emergency declaration was released in the state of Louisiana, after the governor reported that a variant of malware had infected the computer systems of multiple academic institutions. Now, Alabama […]

Your Android Phone Can Get Hacked Just By Playing This Video

Are you using an Android device? Beware! You should be more careful while playing a video on your smartphone, whether downloaded from anywhere on the Internet or received through email. That’s because a specially crafted, innocuous-looking video file can compromise your Android smartphone, thanks to a critical remote code execution vulnerability that affects over 1 billion devices running Android […]

Popular Malware Families Using ‘Process Doppelgänging’ to Evade Detection

The fileless code injection technique called Process Doppelgänging is actively being used by not just one or two but a large number of malware families in the wild, a new report shared with The Hacker News revealed. Discovered in late 2017, Process Doppelgänging is a fileless variation of the Process Injection technique that takes advantage of […]

Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List

Cybersecurity researchers have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining malware botnet, which now also includes a module to scan the Internet for Windows RDP servers vulnerable to the BlueKeep flaw. BlueKeep is a highly critical, wormable, remote code execution vulnerability in the Windows Remote Desktop Services that could allow an unauthenticated remote […]

Most Popular Malware & Hacking Tools that are Advertised in Underground Hacking Forums

Underground hacking forums are the marketplace where cybercriminals advertise various malware variants and other hacking tools. A new report presents the top malware families advertised. By analyzing more than 3.9 million posts, Recorded Future’s Insikt Group identified the top malware variants that are advertised in the hacking forums and its correlation with […]

APT15 Hackers Using Steganography Technique to Drop Okrum Backdoor Via PNG File to Evade Detection

Researchers discovered previously unseen malware called Okrum, distributed by the APT15 threat group hidden in a PNG file using a steganography technique to evade detection. The APT15 threat group, also known as Ke3chang, has a long history of malicious activity dating back to 2010, and it was initially reported in 2013 during their campaign activity attack organization in […]

After Florida, Indiana & Canada, the same ransomware infects China

Specialists in system audits have detected a new ransomware variant that has already managed to infect more than a hundred private companies and government institutions in the United States and, most recently, in China. Tencent, the company in charge of the report, claims that the attacks are directed from Asian territory. The report mentions that […]

Hackers Attack Financial Institutions & Government Organizations With “Proyecto RAT”

Security researchers observed a new campaign targeting financial institutions and governmental organizations with a customized version of a remote access tool called “Proyecto RAT”. The payload was found to be written in Visual Basic 6, and it uses the disposable e-mail address service yopmail for its C&C communication. Yopmail is known for creating temporary inboxes. Infection […]

Ransomware next target is your favorite radio stations and television channel companies

Cybersecurity services specialists reported a ransomware attack that temporarily affected the operations of the community radio station WMNF 88.5 – FM, based in Tampa, Florida. According to statements by interim general manager Cindy Reichard, that nasty incident began sometime on June 18. The next day, one of the radio station’s programmers detected strange behavior on […]

New Linux Malware “EvilGnome” Spying on Linux Desktop Users and Steal Sensitive Files

Researchers discovered new Linux malware called “EvilGnome” with previously unseen functionalities, capable of creating a backdoor and spying on Linux desktop users. Based on the evidence and the operational similarities, the implant was possibly distributed by Gamaredon Group, a Russia-based threat group that has been active since at least 2013. Gamaredon Group attack victims using […]

What Is The True Score of AI VS Malware?

We admit here in hackercombat.com, we are one of the cybersecurity news organizations that somewhat hyped Artificial Intelligence (AI) when it comes to cybersecurity. We wrote numerous articles heralding the “hero” that will save us from the seemingly endless cat and mouse race between discovering a vulnerability that is currently exploited, and the time the […]

GandCrab ransomware master keys released by the FBI

Ransomware is one of the most common cyber threats that users face nowadays. According to IT security audit experts, every few days groups of threat actors launch new campaigns to infect users, encrypt their files and demand ransoms in exchange for compromised information access. Although there are dozens of variants of encryption malware, one of […]

EvilGnome: A New Backdoor Implant Spies On Linux Desktop Users

Security researchers have discovered a rare piece of Linux spyware that’s currently fully undetected across all major antivirus security software products, and includes functionalities rarely seen in most Linux malware, The Hacker News learned. It’s a known fact that very few strains of Linux malware exist in the wild as […]

TrickBot’s “TrickBooster” Update Compromised 250M Emails

Last Valentine’s Day, we made a fearless declaration here at Hackercombat.com that Trickbot is shaping itself into becoming the “malware of the year”, due to its massive campaigns of infecting computers worldwide. That will remain our forecast; Trickbot was recently named by the DeepInstinct security researchers as responsible for the compromise of at least […]

New Miori Malware Uses Text-based Protocol to Communicate with C&C Server for Launching a DDoS Attack

A new Mirai variant dubbed Miori uses text-based protocols to establish communication with command-and-control (C&C) servers. The Miori campaign was identified in December of last year, exploiting a vulnerability in the ThinkPHP programming framework. Miori targets IoT devices, exploits them by taking advantage of the vulnerabilities, and integrates them into the botnet network to launch various […]