Browsing category
Cybercriminal host dozens of Facebook groups to serve as a marketplace for carrying out a number of illicit services and for exchanges. Instead of using hidden services cybercriminals prefer to operate in the massive social media platform. Talos research uncovered several groups on Facebook that involved in illegal activities, some groups found active for 8 […]
According to the ethical hacking training from the International Institute of Cyber Security (IICS), a group of researchers has discovered a new variety of fileless malware attacking mainly clients of some Banks in countries like Brazil and Thailand, using a hacking tool and at least two tools for information theft. Ethical hacking training specialists mention […]
BasBanke is a new variant of malware for Android mainly directed to users of this operating system in Brazil. According to the authors of ‘Learn ethical hacking‘, it is a banking Trojan that steals sensitive financial data, such as card numbers, card type, etc. According to the authors of ‘Learn ethical hacking’, the propagation of […]
A new wave of infamous credential stealer malware “Separ” infects organizations through living off the land attack methods. In this campaign, threat actors leverage new file hosting service and a legitimate FTP client to upload the exfiltrate and to store data. According to DeepInstinct, the activity still continues and the data extracted are stored on […]
Researchers discovered a new Android Malware called “BasBanke” targeting Brazilian users to steals financial related sensitive data such as credentials and credit/debit card numbers. BasBanke Malware continuously infects users since 2018 Brazilian elections using various malicious apps that downloaded over 10,000 times from Google Play Store till the date. Malware authors abusing Facebook and WhatsApp […]
A vulnerability in Xiaomi Mi Pre-Installed Security App ‘Guard Provider’ exposes more than 150,000 devices to an attack. Security researchers from Checkpoint discovered a critical vulnerability in pre-installed security app, ‘Guard Provider’ which allows an attacker to launch a Man-in-the-Middle (MiTM) attack. Xiaomi Pre-Installed Security App The security app includes third-party SDKs for offering the […]
The authors of the book ‘Learn ethical hacking’, along with specialists from the International Institute of Cyber Security (IICS), report the existence of a critical vulnerability in the Matebook laptop, developed by Huawei; according to the reports, this flaw could be exploited to take control of the compromised devices. The Chinese company has faced strong […]
A Chinese woman carrying malware in USB drive was arrested at Trump’s Mar-a-Lago club over the weekend during his Florida visit. Yujing Zhang, 32 have been charged for 2 Federal crimes: For making a false statement to Federal officers and entering the restricted property. According to court documents, she told Secret Service agents that she […]
Cybercriminals attempting to compromise iOS & Android devices via advanced Phishing campaign that redirect iOS users to a malicious landing page which allows attackers to collect sensitive information and the Android users are compromised with malware via Hijacked WiFi Routers. Researchers believe that the attack belongs to Roaming Mantis campaign that uses DNS hijacking attack […]
Ethical hacking training specialists from the International Institute of Cyber Security (IICS) report the finding of a new variant of ransomware called Unnam3d; according to the reports, this malware moves the victim’s files to protected RAR files and, as a characteristic feature, the operators demand Amazon gift cards as a ransom. The malware was first […]
Cybersecurity deals with emerging dangers and includes protecting and preventing means against hacker attacks. New technologies are booming, and our gadgets become more advanced. Both artificial intelligence and machine learning are proliferating. But, new technologies bring new problems. Cybercriminals are also trying to keep up with the time. Thus, risks to cyber-security are directly related […]
A Well-known APT Group OceanLotus leveraging a steganography method to hide the encrypted malware payload within a .png image file to infect the targeted system. OceanLotus group known for Multiple attack campaigns around the globe, the threat actor group targets private sectors across multiple industries, foreign governments. Steganography, a method used by attackers to hide […]
Microsoft released a new future called Tamper protection in Microsoft Defender ATP to provide next-gen security to their users and block the advanced and never before seen malware within a seconds. In order to expand the security in Microsoft anti-malware solution, Tamper protection provides an additional security future against improper modification in the apps by […]
CMS based sites such as WordPress and Joomla are the popular targets for cybercriminals, they hijack those sites and inject malicious contents. ThreatLabZ researchers detected a campaign that targets WordPress and Joomla sites to distribute Shade/Troldesh ransomware, backdoors, redirectors, and a variety of phishing pages. Hackers use to hijack several hundreds of CMS sites and […]
A new wave of Emotet malware campaign distribute the Nozelesn ransomware that targets hospitality industries based endpoint systems via malicious word documents. Telemetry had over 14,000 detections via emotet spam emails that are distributed all over the world between January 9, 2019, and February 7, 2019. These mass infections mainly targeting specific countries including Great […]
Cyber Criminals launching a new malware via weaponized PDF & MS Word Version of New Zealand terror suspect’s manifesto. Researchers noticed 8chan, an imageboard website composed of user-created boards contains several posts that link to a manifesto, allegedly authored by the terror suspect of New Zealand terror attack. These Manifesto contain several version of PDF […]
You may be a victim for ShadowHammer hack, here is the complete list of the MAC Address, tool to check for infection and the update to resolve the issues. Operation ShadowHammer targeted the ASUS computers software update tool to inject a backdoor. The attack found to be active since June to November 2018 and it […]
Gustuff a fully automated baking malware that abuses the accessibility Service to steal login credentials from 100+ global bank accounts and robs users of 32 cryptocurrency apps. The Accessibility Services in Android devices is to assist users with disabilities in using Android devices and apps. Gustuff malware script contains fake pages targeting users of Android […]
Hackers continue to employ new techniques to evade detection from antivirus and other security products. This time they started using previously reported and widely used BOM technique. Previously Russian hacker groups used this technique to modify the hosts file on Windows systems. The Byte Order Mark additional helps the threat actor groups to stay under […]
Relentless espionage Group also called as aka APT33 (Elfin) targeting various organization in Saudi Arabia and United States by deploying a variety of malware in their network. Aka APT33 group specifically targeting corporate networks and it compromised around 50 organizations in different countries since 2015. Cybercriminals scanning the vulnerable websites of a specific target, later […]
In the year 2013, an Internet service provider warned Huawei about a security vulnerability in all of its domestic use routers. According to ethical hacking training experts from the IICS, the Chinese company updated only two of the models that used the compromised firmware. Currently, Huawei devices are still being used by thousands of consumers […]