Browsing tag

malware

EternalRocks Worm Uses Same SMB Flaw in Windows like WannaCry

The WannaCry incident was just a beginning as now a new and more evolved malware lurks out there in the wild. No, it’s not Uiwix or Adylkuzz but more dangerous than all. WannaCry, as you may already know, is a ransomware on the loose. It uses the NSA leaked tools EternalBlue and DoublePulsar and exploits the SMB vulnerability in Windows […]

Vault 7: Wikileaks Exposes CIA’s Athena Malware, Hijacks Every Windows Version

On Friday, Wikileaks published a CIA malware project known as Athena. According to the leaked documents, the Athena malware is capable of hijacking all the Windows versions starting from XP to Windows 10. The malware consists of another module called Hera which affects PCs running Windows 8 to Windows 10. The malware is a collaborative effort between […]

How To Prevent Growing Issue of Encryption Based Malware (Ransomware)

The threat of ransomware attack is growing and here is how to protect yourself from encryption based malware known as ransomware. The Internet is dark and full of terrors! Yes, the virtual world has its fair share of downsides as well. Online threats such as data hacking, virus infestation, malware attacks are common. Ransomware is […]

WannaCry responsible for infecting medical devices

It is not surprising to know that Internet-connected Medical devices are vulnerable to cyber attacks. There have been several cases in the recent past in which cyber criminals took over life-saving devices and held them to ransom. Now, it has been identified that WannaCry ransomware, the heinous ransomware that has been on the loose for over […]

Adylkuzz Attack Is Earning More Money Than WannaCry And Making Your PCs Slow

Short Bytes: Proofpoint has uncovered a malware attack that uses the same EternalBlue and DoublePulsar exploits, which were used to spread WannaCry. Called Adylkuzz, it’s a cryptocurrency miner that installs itself on a computer and uses your computer’s resources to mine Monero. It’s being claimed that Monero has infected hundreds of thousands of PCs and servers worldwide. Just […]

Using binsnitch.py to detect files touched by malware

Yesterday, we released binsnitch.py – a tool you can use to detect unwanted changes to the file system. The tool and documentation are available here: https://github.com/NVISO-BE/binsnitch. Binsnitch can be used to detect silent (unwanted) changes to files on your system. It will scan a given directory recursively for files and keep track of any changes it detects, based […]

WannaCry Ransomware Attackers are sending new message to victims

The WannaCry ransomware attack is still infecting unsuspecting users, hospitals, and businesses around the world. While some users on Twitter are claiming they have already paid victims a massive amount of ransom money and are still waiting for the decryption key; the cyber criminals behind the whole campaign are still sending new messages in the […]

CryptoMining malware Adylkuzz using the same vulnerability as WannaCry

It seems that WannaCry had a predecessor that apparently carried out attacks which involved mining the cryptocurrency Monero using the same vulnerability found in Windows’ Server Message Block (SMB) protocol. Adylkuzz – another NSA enabled malware: According to the researchers, the crypto miner malware uses the same tool, EternalBlue, to exploit the same vulnerability in Microsoft […]

Malware Uses Fake WordPress API Domain to Steal Sensitive Cookies

Security researchers from Sucuri have found hacked WordPress sites that were altered to secretly siphon off cookies for user and admin accounts to a rogue domain imitating the WordPress API. The attacker was sending stolen cookies to code.wordprssapi[.]com, a domain that was imitating a non-existent WordPress service. Sucuri’s Cesar Anjos says he found this malware […]

WikiLeaks Posts User Manuals for CIA Malware AfterMidnight and Assassin

WikiLeaks recently leaked some files as part of its Vault 7 series that contained user manuals for two pieces of malware called Assassin and AfterMidnight. According to the documents, these viruses belong to the CIA. RELEASE: CIA remote control & subversion malware systems ‘After Midnight’ and ‘Assassin’ https://t.co/S64RmEsHYl #Vault7 pic.twitter.com/5fMTeqW007 — WikiLeaks (@wikileaks) May 12, 2017 […]

Microsoft Slams NSA over WannaCry Ransomware Attack

Earlier today, Microsoft’s President and Chief Legal Officer, Brad Smith stated that part of the responsibility of the recent WannaCry ransomware attack that resulted in a major chaos in more than 150 countries falls on the US government, particularly, the National Security Agency (NSA) and the Central Intelligence Agency (CIA). Why NSA and CIA? For long, […]

Uiwix, yet another ransomware like WannaCry – only more dangerous

In the last few days, the internet has been caught off guard with numerous updates being posted regarding the sprawling effects of the WannaCry ransomware that exploited the vulnerabilities in Microsoft’s Windows operating system to hack more than 75,000 computers and counting last Friday. Nevertheless, it seems like the worst is yet to come. In […]

Researcher Finds Kill Switch for new variant of WannaCry Ransomware

Internet users worldwide are now familiar with the WannaCry or WanaCrypt0r ransomware attack and how cybercriminals used it to infect cyber infrastructure of banking giants, hospitals, tech firms and sensitive installation in more than 90 countries. The users may also know that a British security researcher MalwareTechBlog accidentally discovered the kill switch of WanaCry by […]

WannaCry ransomware: Researcher halts its spread by registering domain for $10.69

Last year the Internet was taken down by cyber criminals through a massive Distributed Denial of Service Attack (DDoS) attack using the infamous Mirai malware. But last Friday afternoon, almost 99 countries including Russia, UK, USA and Australia became victims of a worldwide mass cyber-attack that has been reported to have caused major disruptions to […]

99 Countries Affected By Massive WanaCrypt0r Ransomware Attack

Short Bytes: The hackers have used the leaked NSA tools to infect computers with WanaCrypt0r 2.0 ransomware. This malware exploits EternalBlue vulnerability and uses phishing emails to infect computers. Till now, Avast has recorded more than 75,000 infections in 99 countries. While WanaCrypt0r is most affecting Russian and European countries, the possibility of its arrival in the US […]

Keylogger spotted – HP machines could turn into a spyware

Security researchers have warned that HP machines could turn into spyware thanks to an audio driver developed by Conexant Systems, Inc. which comes pre-installed on more than a dozen HP devices. According to a security advisory published by Switzerland-based security consulting firm Modzero, Conexant, responsible for making audio drivers, comes with a component “MicTray64.exe” which is an executable […]

New Dangerous Android Permission Security Flaw leads to Ransomware and Banking Malware Attacks

A new Android vulnerability has been discovered in Android’s security mechanism which leads to several Android permission-based attacks during run-time, including ransomware, banking malware and adware. According to the Google Policy gives extensive permissions to apps installed directly from Google Play, this flow consists of several groups of permissions, with permissions considered as “dangerous” granted only during run-time […]

Malwaresearch – A command line tool to find malware on Openmalware.org

Malwaresearch is a command line tool to find malware on Openmalware.org. The tool was developed to facilitate and speed up the process of finding and downloading malware samples via the command line interface. We’ve made use of the API provided by […]

Thai Companies Hit by Ransomware Attack

We are quite used to seeing hackers using ransomware apps to trick unsuspecting users into paying ransoms. But, in Thailand instead of targeting ordinary users, hackers targeted the big fish in the business. By big fish, we mean influential companies in the country, and the worst part, they couldn’t even lodge an official complaint in fear […]

Microsoft Warn Users of Cyber Attacks on Windows Software Update System

Earlier this week, the research team which is part of Windows Defender Advanced Threat Protection system, detected several attacks being carried out against a software’s update system whose name has not yet been revealed – All that is known about the software is that it is a well-known editing application and that the creator or vendor […]

Snake Malware Modified; OS X The Next Target

The security researchers at Fox-IT have discovered a modified version of the previously known snake malware. A version specifically designed to target MacOS. Still not sure what snake malware is? Well, it also goes by the name of Turla, Agent.BTZ and Uroburous. Sounds familiar now? Previous Victims: As per reports, the snake malware was previously targeting […]