Browsing tag

computer security

Hackers using steganography to Drop the Powload Malware & Hide Their Malvertising Traffic

Cyber criminals are now using steganography to spread Powload malware and infect targeted systems. Powload campaigns have been active since 2018, using fileless techniques and hijacked email accounts to deliver information-stealing malware such as Emotet and Ursnif. But the recent attacks employed steganography techniques in which attackers […]

GlitchPOS – Hackers Selling a New POS Malware On Dark Web Forums

Threat actors are selling a new POS malware dubbed GlitchPOS, aimed at exfiltrating credit card numbers from point-of-sale devices and retailers’ websites. Most POS devices run Windows or Unix; GlitchPOS targets the Windows variants. Security researchers from Talos discovered the distribution of the new PoS malware that hackers are selling in the […]

Hackers Launching Weaponized Word Document to Push Emotet & Qakbot Malware

A new malspam campaign pushes Emotet banking malware along with Qakbot as the follow-up malware. Emotet is a banking trojan capable of stealing personal information such as usernames and passwords. Security researcher Brad Duncan tracked the malspam campaign that pushes Emotet malware and Qakbot as the follow-up malware. Emotet […]

Operation Sharpshooter – Researchers Linked the Global Campaign to Lazarus Hacker Group

Security researchers from McAfee linked the global campaign dubbed Operation Sharpshooter to the infamous Lazarus Hacker Group. The Sharpshooter campaign primarily targets financial services, government, and critical infrastructure. The campaign was first identified in 2018, but according to the new analysis report, it started as early as September 2017. Attackers target a broader set of […]

Hackers Using InfoStealer Malware that Attacks Windows Servers To Steal Sensitive Data

A new InfoStealer malware has been identified that targets Windows servers, stealing sensitive data including login credentials, OS version, and IP addresses, and uploading the victim’s data to the attacker’s FTP server. Security researchers from Check Point observed a huge malware campaign that runs malicious content specifically to steal sensitive data from […]

First Malware Campaign Exploits WinRAR ACE vulnerability To Hack Windows Computer

Researchers have detected the first malspam campaign that delivers a malicious RAR archive to infect the victim’s computer by exploiting the WinRAR ACE vulnerability. The 19-year-old vulnerability was disclosed by Check Point security researchers last week; it resides in the WinRAR UNACEV2.DLL library. This vulnerability can be exploited by an attacker with a specially crafted ACE archive and […]

BabyShark Malware Delivered through Malicious Excel Macro Documents

Threat actors are distributing the Visual Basic-based BabyShark malware through spear-phishing emails. The emails were sent from a public email address disguised to be from a nuclear security expert in the U.S. Palo Alto Networks Unit 42 researchers first identified the campaign in November 2018, and it has connections with past North Korean activities […]

Russian Hacker Pleads Guilty For Using Neverquest Malware to Steal Money from Victims’ Bank Accounts WorldWide

A Russian citizen, LISOV, 33, pleaded guilty to using NeverQuest malware to infect victims’ computers, steal their banking login information, and steal money from their bank accounts. The NeverQuest banking malware spreads through social media, email and file transfer protocols. It is capable of exfiltrating login information from a number of banking and financial […]

Hackers Targeted Retailing Industry With Malware and Selling Stolen Data On Dark Web

Hackers deploy Emotet malware targeting the retail trading industry to exfiltrate bundles of data and sell them on the dark web. Emotet is a highly sensitive banking malware that was originally found in 2014; it is capable of stealing financial credentials, usernames, passwords and email addresses. Panda Trading Systems detected the malware […]

Hackers Abusing LinkedIn’s Direct Messaging Service to Deliver More_eggs Malware via Fake Job Offers

A new malware campaign that impersonates legitimate staffing companies abuses messaging services to deliver More_eggs malware. The campaign primarily targeted US companies in retail, entertainment, pharmacy, and other sectors that commonly employ online payments, such as online shopping portals. Threat actors abuse LinkedIn’s messaging service to send direct messages to victims, pretending to be […]

Hackers Deliver Banking Malware Through Fake Google reCAPTCHA

A new malware campaign uses a fake Google reCAPTCHA to deliver banking malware. The campaign specifically targeted a Polish bank. Security researchers from Sucuri discovered the sophisticated phishing campaign, which employs both impersonation and panic/bait techniques. Malware Infection – Fake Google reCAPTCHA The malware infection starts with the fake confirmation receipt of the recent […]

Hackers Using Malware That Steals Premium Users’ Credentials from Pornhub, XVideos to Sell Them on the Dark Web

A new threat report revealed that credential-stealing malware increased dramatically in 2018, targeting adult websites’ premium user credentials to sell them on the dark web. These credentials are the most wanted data in underground marketplaces on the dark web, where cybercriminals sell the stolen data for thousands. It is very common that pornography website is […]

ATM Robber Malware Turns ATM into Slot Machine to Dispense Cash Automatically

ATM hijacking malware dubbed WinPot turns ATMs into slot machines, which start dispensing cash based on the SPIN button. Security researchers from Kaspersky observed the emergence of the WinPot malware, which first appeared in the underground markets in March 2018. Threat actors designed the malware to automatically dispense cash from […]

Hackers Launching Trickbot Malware That Steals VNC, PuTTY and RDP Credentials

The new variant of the infamous Trickbot malware comes with the capability of grabbing remote application login credentials. Trickbot is a banking malware that steals login credentials from applications; it was discovered long ago, and the threat actors are continuously adding new capabilities to the malware. Security researchers from TrendMicro observed the new variant that bagged with […]

New Unpatched macOS Flaw Allows Hackers to Spy on Safari Browser History

A security researcher discovered a vulnerability in macOS Mojave that lets malware apps bypass the privacy protection and read the Safari browser’s web history. macOS Mojave strictly restricts access to some folders by default and provides special access to very few apps. But the newly uncovered flaw bypasses the Mojave privacy protection and allows the […]

The Olpair Virus – how to get rid of it

Olpair, occasionally referred to as Openload.co Pair, is a pop-up virus attributed to the number of Potentially Unwanted Programs (PUPs) that install on your PC without your knowledge. The virus can install itself on your browser, either as an extension or as a notification. Therefore, if you notice your browser showing multiple pop-ups and notifications […]

5 Steps How To Protect Your Company Infrastructure From Insider Threats

While most people worry about threats from hackers trying to breach their security from the outside, it’s just as, if not more, important to also protect against insider threats as they can have disastrous effects on every facet of your company. While the danger of having an employee start acting maliciously towards the company is […]

Hackers Launching Gandcrab Ransomware via Super Mario Image Using Weaponized Excel Document

Cyber criminals are now spreading a Gandcrab ransomware variant using a steganographic Super Mario image delivered via malicious Excel documents. Very recently, security researcher Matthew Rowen from Bromium encountered a spreadsheet containing a trojan sample during static analysis. The spreadsheet has an embedded macro, and the code reveals that the macro should exit immediately […]