Malware

Hackers Exploit Critical Oracle WebLogic Server Vulnerability by Hiding Malware in Certificate Files (.cer)

Hackers are abusing the Oracle WebLogic Server vulnerability CVE-2019-2725 to deliver a Monero miner. The vulnerability is easily exploitable: any attacker with HTTP access to the server can exploit it without authentication. Trend Micro observed a new cryptocurrency-mining campaign involving the vulnerability in which certificate files were used to hide the malicious code. Malware Infection: the malware exploits CVE-2019-2725 to […]

Iranian MuddyWater APT Hackers Add New Exploits to Their Hacking Arsenal to Attack Government Networks

Threat actors from the MuddyWater APT group have added a new set of exploits to their hacking arsenal, along with new tactics, techniques and procedures (TTPs), to target government entities and the telecommunications sector. The Iran-sponsored MuddyWater group is operated by advanced persistent threat actors and was initially spotted in 2017; it mainly targets the […]

Specialists detect new and dangerous cryptocurrency mining malware in Asia and U.S.

After a long time, the cryptocurrency mining script known as Coinhive has finally ceased to be a problem for system administrators and website visitors. However, cryptojacking remains one of the main cybersecurity threats. Specialists in IT security services have discovered a new malware variant that takes advantage of the victims’ hardware to mine virtual assets. […]

BlackSquid Malware Uses Eight Exploits to Attack Web Servers, Network Drives, and Removable Drives

A new malware dubbed BlackSquid bags eight notorious exploits to drop the XMRig Monero cryptocurrency miner, targeting web servers, network drives, and removable drives. The malware employs several anti-virtualization, anti-debugging, and anti-sandboxing methods to avoid detection. If the malware detects a sandbox, it immediately cancels the infection process to avoid detection. Trend Micro observed that BlackSquid […]

Source code of tools used by malicious hackers from Iran is exposed

Some details about the hacking campaigns deployed by OilRig, a group of malicious hackers linked to the Iranian government, have been revealed by a hacker group calling itself Lab Dookhtegan, cyber security service specialists reported. OilRig is an advanced persistent threat (APT) group linked to the Iranian regime and active at least since 2014. The main […]

Top 5 ATM Malware Families Used By Hackers to Dispense Money from Targeted ATMs

ATM-based cyber attacks are continually evolving with more advanced methods and functions; attackers continuously employ a number of sophisticated malware families to trick ATMs into dispensing cash. The first ATM skimmer malware designed to attack ATMs was spotted 10 years ago. Since its discovery, it has evolved to […]

Hackers Abusing Microsoft Azure to Deploy Malware and C2 Servers Using Evasion Technique

Microsoft Azure has now become a sweet spot for hackers to host powerful malware and to run command and control servers for sending commands to, and receiving data from, compromised systems. Microsoft Azure is a cloud computing platform created by Microsoft for building, testing, deploying, and managing applications and services through Microsoft-managed data centers. Initially, this malicious […]

Dangerous GandCrab Ransomware Shutting Down its Operations after Earning $2 Billion in Ransom Payments

GandCrab ransomware was first spotted in January 2018 and is the most sophisticated and continuously changing ransomware. The operators behind the ransomware have released five different versions in more than one year. The ransomware was distributed through multiple vectors, including malicious spam emails, exploit kits, social engineering methods, and other malware campaigns. According […]

TA505 Hackers Group Modifies Remote Admin Tool into a Weaponized Hacking Tool To Attack Victims in the U.S., APAC, Europe

Threat actors from the TA505 hacking group are conducting a new wave of attacks by modifying a legitimate remote admin tool into a weaponized hacking tool that targets retailers in the U.S. and various financial institutions in Europe, APAC and LATAM. The TA505 hacking group is believed to reside in Russia, and the threat actors from this group have been involved in various high […]

How to Detect and Remove Malware from Websites

Hackers are always on the lookout for vulnerable websites into which they can inject malware and then use them to distribute malware or other potentially harmful applications to users’ systems and devices. There are many kinds of malware that evade detection and stay inactive until the hacker sends a signal to allow a backdoor entry or to […]

HiddenWasp, a dangerous malware that affects Linux systems

Although they are not uncommon, network security specialists note that the security risks present in Linux systems are not widely enough known. Either because of their low-profile nature or because the security mechanisms of these systems overlook them, these security threats do not receive as much attention as those that impact Windows systems. However, […]

Is This The Start Of Open Source Malware for Linux?

Linux is considered a more secure and privacy-focused operating system than Windows, not only because of its low market share (only 2% of all installed desktop operating systems) but also because of its very architecture, which is patterned after Unix. However, a device cannot approach absolute security while also being connected to the Internet, which in […]

Chinese Hackers Infect Over 50,000 Windows MS-SQL and PHPMyAdmin Servers Worldwide with 20 Different Payloads

A new China-based campaign dubbed Nansh0u targets Windows MS-SQL and PHPMyAdmin servers worldwide. The campaign primarily targets servers belonging to the healthcare, telecommunications, media, and IT sectors. Guardicore Labs detected the campaign at the beginning of April, but the attacks were found to date back to February 26. Throughout the campaign the threat actors used 20 different […]

Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware

Cyber security researchers at Guardicore Labs today published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide. Dubbed Nansh0u, the malicious campaign is reportedly being carried out by an APT-style Chinese hacking group that has already infected nearly 50,000 servers and is installing a sophisticated kernel-mode rootkit on compromised […]

New Variant of Mirai Malware Using 13 Different Exploits to Hack Routers Including D-Link, Linksys, GPON, Netgear, Huawei

Researchers discovered a new Mirai variant that uses 13 different exploits to attack various router models and other network devices. These exploits enable the new Mirai variant to launch backdoor and distributed denial-of-service (DDoS) attacks. Mirai malware has a strong record of infecting poorly managed IoT devices and performing DDoS attacks […]

World’s Most Dangerous Laptop, Loaded With 6 Popular Malware Samples, Sold for $1.3 million

The laptop, loaded with six of the most dangerous pieces of malware, was sold at an auction. The malware present on the laptop is responsible for financial damages totaling $95 billion. It is the most dangerous machine in the world right now, and it runs the Windows XP operating system. It should be noted that Microsoft has […]