Browsing category

Malware

Beware! Even Good Domains Also Carries Malicious URLs

According to an article on helpnetsecurity.com, nearly 40 percent of good domains carried malicious URLs. So the question arises: are legitimate websites being compromised to host malicious content? The challenge for cybersecurity experts now is to protect users with a solution that gives them URL-level visibility. The vulnerable people are the home […]

Malware Attack Shuts Down Columbia State Community College

Five campuses of the Columbia State Community College were forced to shut down for two days following a malware attack. The issues reportedly happened after an employee opened an email with a malicious attachment on February 13. The virus spread to the college’s communication network, following which classes on all campuses were forced to shut […]

Elasticsearch versions 1.4.2 and earlier vulnerable to malware infections

Two old vulnerabilities were exploited, allegedly by Chinese hackers. The Cisco network security and ethical hacking teams recently detected intrusions by malicious hackers targeting Elasticsearch clusters to exploit previously reported vulnerabilities and perform various malicious actions such as malware injection and cryptocurrency mining, reported experts from the International Institute of Cyber Security. “Hackers are […]

Hackers Compromised Bangladesh Embassy Website that Drops Weaponized Word Document with Malware

Threat actors compromised the website of the Bangladesh embassy in Cairo and took control of it to drop weaponized Word documents that contain a privilege escalation flaw exploit (CVE-2017-7255). Attackers usually distribute various malware via malspam and phishing emails, which include some convincing action that must take place in order to infect the victims. But this is totally […]

First Malware Campaign Exploits WinRAR ACE vulnerability To Hack Windows Computer

Researchers have detected the first malspam campaign that delivers a malicious RAR archive to infect the victim’s computer by exploiting the WinRAR ACE vulnerability. The 19-year-old vulnerability was disclosed by Check Point security researchers last week; it resides in the WinRAR UNACEV2.DLL library. This vulnerability can be exploited by an attacker with a specially crafted ACE archive and […]

BabyShark Malware Delivered through Malicious Excel Macro Documents

Threat actors are distributing the Visual Basic-based BabyShark malware, which is delivered through spear phishing emails. The emails are sent from a public email address disguised to be from a nuclear security expert in the U.S. Palo Alto Networks Unit 42 researchers first identified the campaign in November 2018, and it has connections with past North Korean activities […]

Malicious reCAPTCHA Pretending To Be From Google Creates Chaos

Since 1999, Google’s name has resonated to mean “don’t be evil”, with the main goal of collecting all the world’s information and presenting it to everyone in a very digestible way. The search giant has built this good name for two decades now, as the company celebrates its 20th anniversary this 2019. Of course, with popularity […]

Russian Hacker Pleads Guilty For Using Neverquest Malware to Steal Money from Victims’ Bank Accounts WorldWide

A Russian citizen, LISOV, 33, pleaded guilty to using NeverQuest malware to infect victim computers, steal their banking login information, and steal money from their banking accounts. The NeverQuest banking malware spreads through social media, email and file transfer protocols. It is capable of exfiltrating login information from a number of banking and financial […]

Hackers Targeted Retailing Industry With Malware and Selling Stolen Data On Dark Web

Hackers deploy Emotet malware targeting the retail trading industry to exfiltrate bundles of data and sell them on the dark web. The Emotet malware is a highly sensitive banking malware which was originally found in 2014; it is capable of stealing financial credentials, usernames, passwords and email addresses. Panda Trading Systems detected the malware […]

Hackers Abusing LinkedIn’s Direct Messaging Service to Deliver More_eggs Malware via Fake Job Offers

A new malware campaign that impersonates legitimate staffing companies abuses messaging services to deliver More_eggs malware. The campaign primarily targeted US companies, including retail, entertainment, pharmacy, and others that commonly employ online payments, such as online shopping portals. Threat actors send direct messages to victims, abusing LinkedIn’s messaging service and pretending to be […]

Hackers Deliver Banking Malware Through Fake Google reCAPTCHA

A new malware campaign impersonates Google reCAPTCHA to deliver banking malware. The campaign specifically targeted a Polish bank. Security researchers from Sucuri discovered the sophisticated phishing campaign, which employs both impersonation and panic/bait techniques. Malware Infection – Fake Google reCAPTCHA: The malware infection starts with the fake confirmation receipt of the recent […]

What’s New With Separ Malware Family in 2021

Various anti-malware vendors are scrambling to fix their products in order to detect the new variant of Separ malware family. Separ is known as a password stealer virus, with its first version detected two years ago in 2017. The newest variant has a very modular architecture, as it uses genuine 3rd party executables (non-malware) in […]

Hackers using Malware that Steal Premium Users Credentials from Pornhub, XVideos to sell it in Dark Web

A new threat report revealed that credential-stealing malware, which targets the credentials of adult websites’ premium users in order to sell them on the dark web, increased dramatically in 2018. These credentials are the most wanted data in underground marketplaces on the dark web, where cybercriminals sell this stolen data for thousands. It is very common that a pornography website is […]

New URL filter evasion method for phishing campaigns

Malicious campaign operators have devised a new method for sending documents with malicious files. Phishing campaign operators found ways to prevent malware-loaded Office documents from being detected by some security software solutions; according to network security and ethical hacking specialists from the International Institute of Cyber Security, attackers are deleting links from the relationship file […]

ATM Robber Malware Turns ATM into Slot Machine to Dispense Cash Automatically

ATM hijacking malware dubbed WinPot turns ATMs into a slot machine, which starts dispensing cash at the press of a SPIN button. Security researchers from Kaspersky observed the emergence of the WinPot malware, which first appeared in the underground markets in March 2018. Threat actors designed the malware to automatically dispense the cash from […]

A new tool to remove GandCrab ransomware encryption

The latest version of the tool is functional for those who suffered ransomware infections between November 2018 and February 2019. Network security and ethical hacking specialists from the International Institute of Cyber Security report the launch of a new version of the tool to remove the encryption generated by the GandCrab ransomware (versions 5.04 to […]

Astaroth Trojan Disguises as JPEG, GIF File Abuses OS and Antivirus Process to Steal Data

A new, unique campaign abuses native OS processes and security software to steal passwords and personal information. Threat actors disguise the Astaroth Trojan payload as JPEG, GIF, and extensionless files to avoid file detections. The campaign especially targets users in Brazil, and the initial infection starts with a phishing-based campaign. Researchers from Cybereason observed […]