Gaming industry still in the scope of attackers in Asia
Asian game developers again targeted in supply-chain attacks distributing malware in legitimately signed software
Cyber criminals are using The Pirate Bay (TPB), a torrent platform, to distribute matryoshka malware via malicious torrents that pose as popular software, computer games, and media files. The attackers mainly uploaded harmful files to the Pirate Bay (TPB) tracker that posed as cracked copies of paid programs. Crooks used many different accounts in to […]
Researchers discovered a new brute-force malware called StealthWorker that attacks Windows and Linux platforms via compromised e-commerce websites to steal personal information and payment data. This stealthy malware is written in Golang, a language that is very rarely used by malware authors and that has already been used to develop a Mirai botnet module. In this case, E-commerce […]
A new malware campaign focuses on stealing online banking credentials, gathering business email addresses, and gaining remote access to the victim machine. According to TrendMicro analysis, the fileless banking malware with multiple .BAT attachments is capable of establishing a connection with an IP address, downloads the PowerShell trojan payload, and installs hack […]
A researcher recently discovered a malicious fake browser update campaign that delivers ransomware and banking malware to target computers. Threat actors are spreading this fake browser update mostly via compromised websites that are powered by WordPress, and the attackers also used other hacked CMS websites. Thousands of hacked sites are used for […]
Security researchers from McAfee linked the global campaign dubbed Operation Sharpshooter to the infamous Lazarus Hacker Group. The Sharpshooter campaign primarily targets financial services, government, and critical infrastructure. The campaign was first identified in 2018, but according to the new analysis report, it started as early as September 2017. Attackers target a broader set of […]
A new InfoStealer malware has been identified that targets Windows servers, stealing sensitive data including login credentials, OS version, and IP addresses, and uploading the victim’s data to the attacker’s FTP server. Security researchers from Checkpoint observed a huge malware campaign that runs malicious content specifically to steal sensitive data from […]
Threat actors from TA505 are currently spreading the powerful FlawedAmmyy RAT via weaponized MS Excel documents with a malicious Excel 4.0 macro, which is hard for standard security controls to detect. The observed FlawedAmmyy RAT sample is highly sophisticated and can control infected victims remotely and evade security software. TA505 threat actors are a well-known cybercrime group […]
According to an article on helpnetsecurity.com, nearly 40 percent of good domains carried malicious URLs. So the question arises: are legitimate websites compromised to host malicious content? The challenge for cybersecurity experts now is to protect users with a solution that gives them URL-level visibility. The vulnerable people are the home […]
Five campuses of the Columbia State Community College were forced to shut down for two days following a malware attack. The issues reportedly happened after an employee opened an email with a malicious attachment on February 13. The virus spread to the college’s communication network, following which classes on all campuses were forced to shut […]
Researchers discovered a new malicious PDF sample that can exploit a Google Chrome zero-day flaw when victims use Chrome as a local PDF viewer. Attackers are spreading this weaponized PDF to exploit the Chrome zero-day vulnerability, track users, and collect some user information when they open the malicious PDF in Chrome […]
Two old vulnerabilities were exploited, allegedly by Chinese hackers. The Cisco network security and ethical hacking teams recently detected intrusions by malicious hackers targeting Elasticsearch clusters to exploit previously reported vulnerabilities and perform various malicious actions such as malware injection and cryptocurrency mining, reported experts from the International Institute of Cyber Security. “Hackers are […]
Threat actors compromised the website of the Bangladesh embassy in Cairo and took control of it to drop weaponized Word documents that contain a privilege escalation exploit (CVE-2017-7255). Attackers usually distribute various malware via malspam and phishing emails, which involve some action to convince the victims in order to infect them. But this is totally […]
Researchers have detected the first malspam campaign that delivers a malicious RAR archive to infect the victim’s computer by exploiting the WinRAR ACE vulnerability. The 19-year-old vulnerability was disclosed by Checkpoint security researchers last week; it resides in the WinRAR UNACEV2.DLL library. This vulnerability can be exploited by an attacker with a specially crafted ACE archive and […]
Threat actors are distributing the Visual Basic-based BabyShark malware through spear phishing emails. The emails were sent from a public email address and disguised to be from a nuclear security expert in the U.S. Palo Alto Networks Unit 42 researchers first identified the campaign in November 2018, and it has connections with past North Korean activities […]
Since 1999, Google’s name has resonated to mean “don’t be evil”, with the main goal of collecting all the world’s information and presenting it to everyone in a very digestible way. The search giant has built this good name for two decades now, as the company celebrates its 20th anniversary this 2019. Of course, with popularity […]
A Russian citizen, LISOV, 33, pleaded guilty to using NeverQuest malware to infect victim computers, steal their banking login information, and steal money from their bank accounts. The NeverQuest banking malware spreads through social media, email and file transfer protocols. It is capable of exfiltrating login information from a number of banking and financial […]
Hackers deploy Emotet malware targeting the retail trading industry to exfiltrate bundles of data and sell them on the dark web. Emotet is a highly sensitive banking malware that was originally found in 2014; it is capable of stealing financial credentials, usernames, passwords and email addresses. Panda Trading Systems detected the malware […]
Researchers discovered a new malware that rapidly changes its sophisticated behavior in order to escape email security protection and infect victims. It is very common for threat actors to spread countless malware via email campaigns, while email security providers keep fighting to block and terminate it. But attackers […]
A new malware campaign that impersonates legitimate staffing companies abuses messaging services to deliver More_eggs malware. The campaign primarily targeted US companies, including retail, entertainment, pharmacy, and others that commonly employ online payments, such as online shopping portals. Threat actors send direct messages to victims, abusing the LinkedIn message service and pretending to be […]
A new malware campaign impersonates Google reCAPTCHA to deliver banking malware. The campaign specifically targeted a Polish bank. Security researchers from Sucuri discovered the sophisticated phishing campaign, which employs both impersonation and panic/bait techniques. Malware Infection – Fake Google reCAPTCHA: The malware infection starts with the fake confirmation receipt of the recent […]