Browsing category

Malware

Quick Look At GoScan Linux Server Cryptomining Malware

“Linux” and “cryptojacking” are two words we do not usually see in the same sentence. But it seems cybercriminals are expanding beyond traditional Windows computers, this time to maximize profits through crypto mining on infected Linux servers. Josh Grunzweig of the prolific Palo Alto Unit […]

New ransomware infects Windows machines even without clicking or opening an email

Specialists in ethical hacking from the cybersecurity firm Kaspersky reported the discovery of a new ransomware variant much more dangerous than encryption malware conventionally used by threat actors. This new malware, known as Sodin, exploits a zero-day flaw in the Windows operating system tracked as CVE-2018-8453; in other words, the targeted user doesn’t even have […]

Hackers earn millions with this ATM cashout malware

Ethical hacking specialists from the security firm Kaspersky reported the discovery of a new malware variant used by hackers to infect ATMs and extract money with illicit transactions in Mexico and some South American territories, such as Colombia. Kaspersky, which provides cybersecurity services and has an advanced research program, reported that, after performing an intensive […]

USCYBERCOM Warned that Hackers Exploiting Microsoft Outlook Security Vulnerability to Deliver Malware

USCYBERCOM published an alert that hackers were exploiting the CVE-2017-11774 Microsoft Outlook security vulnerability to deliver malware using an HTTPS domain. Microsoft already patched the vulnerability in 2017, and the USCYBERCOM alert refers to the ongoing campaign that is exploiting CVE-2017-11774. Users are advised to ensure that they have patched the vulnerability. — USCYBERCOM Malware Alert […]

WannaHydra – The Latest Malware Threat For Android Devices

The antivirus company Avast issued an alert on Monday about the spread of a virus that attempts to infect Brazilians’ smartphones and steal consumers’ banking data. The malware is called WannaHydra, and it has the capability to hijack information, collect call logs, access contacts and take photos from the infected device. According to Avast, the virus […]

Facebook pages infecting thousands of user with virus

A team of website security specialists detected and exposed a campaign that, taking advantage of Libya-related news, began deploying dozens of fake Facebook sites and profiles to distribute malware over the past five years. The links used by the attackers redirected the victims to sites that hosted malware for Android and Windows devices; one of […]

OceanLotus APT Group Uses Undetected Ratsnif Remote Trojan to Leverage Network Attack’s

The OceanLotus APT group, also known as APT32, SeaLotus, and CobaltKitty, uses the undetected remote access trojan Ratsnif to leverage network attack capabilities. The trojan has been active since 2016, and it has features like packet sniffing, gateway/device ARP poisoning, DNS poisoning, HTTP injection, and MAC spoofing. The Cylance Threat Research Team detected four distinct samples of Ratsnif […]

SOC Second Defense Phase – Understanding the Threat Profiles

In the first phase of architecting the SOC, we saw a basic-level understanding of the attacks and the necessary steps to break the attack chain. Let’s move on to the phases of the SOC and an advanced level of protecting the organization. In the early years, when we said virus, it was just an ‘exe’ file with some […]

Facebook Removes Accounts That Spread Malware to Thousands of People

Researchers have discovered a network of Facebook accounts that used Libyan themes and information to spread malware to tens of thousands of people over a five-year period. Links to Android and Windows-based malware caught the attention of the researchers when they found them in a Facebook post posing as Marshal Khalifa Haftar, commander of the Libyan […]

50,000 times Downloaded Android Horror Game from GooglePlay Steals Google and Facebook Login Credentials

An Android horror game uses malicious scripts to steal the user’s login credentials and uses ad networks to drive more traffic and cause damage to the affected device. Wandera’s threat research team identified the malicious app on the Google Play Store. The app fools the Google Play Store’s rigorous security checks, “by using time-released malicious behavior, […]

Russian Google “Yandex” Hacked with Rare Type of Malware called Regin to Spy on Users Accounts

Russian internet giant Yandex was hacked by hackers from Western intelligence agencies with a rare type of malware called “Regin” to spy on Yandex user accounts. Yandex is a Russian search engine also specializing in Internet-related products and services including commerce, transportation, navigation, mobile applications, and online advertising. Yandex is widely known as the Russian Google. The attack was conducted between […]

NCSC Issued an Emergency Alert for Ryuk Ransomware that Actively Attacks on Global Organizations

The UK’s National Cyber Security Centre (NCSC) issued an alert about Ryuk ransomware attacks that are actively targeting global organizations and are associated with Emotet and TrickBot malware. Researchers uncovered this ongoing Ryuk ransomware infection in various organizations’ networks along with Emotet and TrickBot infections. Ryuk ransomware was initially uncovered in August 2018; since then […]

Regin Virus Infection In Yandex. Accident Or Deliberate?

The Five Eyes alliance (New Zealand, Australia, Canada, UK and the United States) allegedly launched a takedown-level cyber attack and large-scale industrial espionage against Russia’s biggest search engine and web services company, Yandex. The incident occurred between October 2018 and November 2018; the data breach includes information about Yandex’s research and development efforts at that […]

You can hack banks with this Microsoft Excel attack

According to information security audit specialists, there is a Microsoft Excel feature called Power Query that could be used by threat actors to inject malware into remote systems. Experts at Mimecast Threat Center described how the vulnerability could be exploited through a proof of concept. Power Query enables Excel users to embed external data sources […]

New ViceLeaker Malware Attack on Android Devices With Backdoor Capabilities to Hijack Camera, Record Audio

Researchers discovered a new malware campaign called ViceLeaker that specifically targets Android users with sophisticated backdoor capabilities to hijack the camera, delete files, record audio and more. Some of the malware samples discovered by Kaspersky researchers are modified versions of an open source Jabber/XMPP client called “Conversations”, a legitimate version of the Android app available in Google […]

OSX/Linker Malware, A Weaponized Unpatched Security Bug

We rarely feature a story about MacOS security here on Hackercombat.com, as the platform is not really attractive for hackers to target. MacOS’s BSD underpinnings and minority market share, compared to Redmond’s operating system we all call Windows, make it very unproductive for virus authors to bother with. However, from time to time, a prominent […]

New vulnerability on Mac is exploited with malware

IT security audit specialists from the cybersecurity firm Intego have reported supposed in-the-wild exploitation of an uncorrected vulnerability in some of Apple’s macOS Gatekeeper security features; a proof of concept of this exploitation has been published online. A few days ago, experts discovered at least four different samples of this macOS malware on […]

Chinese APT 10 Group Hacked Nearly 10 Telecom Networks and Stealing Users Call Records, PII, Credentials, Email Data and more

The infamous Chinese APT 10 hackers compromised over 10 telecom networks around the world in a campaign called Operation Soft Cell, stealing various sensitive data including call records and PII, and attempting to steal all data stored in the Active Directory. APT 10 threat actors are known as one of the most sophisticated hacking groups in the world and […]

New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched

Cybersecurity researchers from Intego are warning about possible active exploitation of an unpatched security vulnerability in Apple’s macOS Gatekeeper security feature, details and a PoC for which were publicly disclosed late last month. The Intego team last week discovered four samples of new macOS malware on VirusTotal that leverage the GateKeeper bypass vulnerability to execute untrusted code […]