Browsing category

Malware

New tool to remove GandCrab ransomware encryption

A group of web application security testing experts has released a new version of the tool to remove the encryption imposed by the GandCrab ransomware; according to experts, this new tool could help millions of encryption malware victims unlock their files without having to negotiate a ransom with hackers. GandCrab is one of the most […]

GandCrab Ransomware Decryption Tool [All Versions] — Recover Files for Free

Cybersecurity researchers have released an updated version of the GandCrab ransomware decryption tool that could allow millions of affected users to unlock their encrypted files for free without paying a ransom to the cybercriminals. GandCrab is one of the most prolific families of ransomware to date and has infected over 1.5 million computers since it first […]

Malicious Apps from Google PlayStore Bypassing SMS-Based Two-Factor Authentication and Steal OTPs in SMS

Researchers discovered new malicious Android apps on the Google Play Store that bypass SMS-based two-factor authentication (2FA) mechanisms and steal OTPs without the SMS permission. In March 2019, Google restricted apps' use of high-risk or sensitive permissions, including SMS and Call Log, which caused malware and credential-stealing apps to lose those permissions. Newly uncovered malicious apps […]

What is Malware?

Any person who has ever used a computer has probably heard the term “malware.” It is everywhere, and the general consensus is that we have to be careful and protect ourselves from it. But what is the definition of malware? What is it and why are people afraid of it? The first thing you have to […]

Modular Malware In The Nutshell

We are in an age of computing where programs are growing toward feature-richness at best and bloatware at worst. Malware is also software, and developers creating malware have access to the same development environments as developers of legitimate software. They also realized that their malware was starting to […]

Cyberattacks against gamer community keep growing

Specialists in IT security audits from the Kaspersky security firm recently published a report on cybercriminals’ growing interest in attacking companies in the video game industry. Experts found that, just this year, threat actors have launched more than 10 billion credential-stuffing attacks against online gaming platforms and […]

Most Difficult Security Challenges for CxO (Chief x Officers) During the Cyber Attack

New technologies are evolving rapidly, and cybercriminals are evolving along with them, increasing cyber risk for organizations and individuals alike. The impact keeps growing, which brings more pain and responsibility for CxOs, sometimes called C-level officers. Evolving advanced cyber threats such as DDoS attacks are creating […]

Companies with Oracle WebLogic must be careful; cryptomining malware affects servers

A group of web application security experts from the firm Trend Micro has detected a hacking campaign against Oracle WebLogic Server implementations that installs malicious cryptocurrency mining software. Hackers exploit a vulnerability to install the miner while evading detection by system administrators. Last April, the National Vulnerability Database (NVD) published a security alert regarding a severe […]

First it was Baltimore, now Philadelphia is under malware attack

The Philadelphia online court system has been closed for a month due to a virus that has interrupted access to the network, report specialists from the IICS’s cybersecurity course. “Suddenly the systems started to fail, I even thought the problem was on my computer”, said one of the system managers. This incident, in addition to […]

Hackers Exploit Critical Oracle WebLogic Server Vulnerability by Hiding Malware in Certificate Files(.cer)

Hackers are abusing the Oracle WebLogic Server vulnerability CVE-2019-2725 to deliver a Monero miner. The vulnerability is easily exploitable: any attacker with HTTP access to the server can attack without authentication. Trend Micro observed new cryptocurrency-mining activity involving the vulnerability, in which the attackers used certificate files to hide the malicious code. Malware Infection: Malware exploits CVE-2019-2725 to […]

Iranian MuddyWater APT Hackers Adds New Exploits in Their Hacking Arsenal to Attack Government Networks

Threat actors from the MuddyWater APT group have added a new set of exploits to their hacking arsenal and their tactics, techniques and procedures (TTPs) to target government entities and the telecommunication sector. The Iran-sponsored MuddyWater group is operated by advanced persistent threat actors and was initially spotted in 2017; it mainly targets the […]

Specialists detect new and dangerous cryptocurrency mining malware in Asia and U.S.

After a long time, the cryptocurrency mining script known as Coinhive has finally ceased to be a problem for system administrators and website visitors. However, cryptojacking remains one of the main cybersecurity threats. Specialists in IT security services have discovered a new malware variant that takes advantage of the victims’ hardware to mine virtual assets. […]

BlackSquid Malware Uses Eight Exploits to Attack Web Servers, Network Drives, and Removable Drives

A new malware dubbed BlackSquid bundles eight notorious exploits to drop the XMRig Monero cryptocurrency miner, targeting web servers, network drives, and removable drives. The malware employs several anti-virtualization, anti-debugging, and anti-sandboxing methods to avoid detection. If the malware detects a sandbox, it immediately cancels the infection process. Trend Micro observed that BlackSquid […]

Source code of tools used by malicious hackers from Iran is exposed

Some details about the hacking campaigns deployed by OilRig, a group of malicious hackers linked to the Iranian government, have been revealed by a hacker group calling itself Lab Dookhtegan, reported cyber security service specialists. OilRig is an advanced persistent threat (APT) group linked to the Iranian regime, active since at least 2014. The main […]