Browsing tag
The cybersecurity researchers at Lumen’s Black Lotus Labs asserted that in order to mine crypto-currencies and launch DDoS attacks, hackers are deploying an existing botnet called Chaos, which is rapidly expanding, to target and infect Windows and Linux devices. There are also various architectures that can be affected by this Go-based malware, and it includes […]
Taiwan’s Presidential website and several websites run by the government of Taiwan were disrupted by distributed denial-of-service (DDoS) attacks hours before United States Speaker Nancy Pelosi’s visit to mainland China. According to NBC News Report, the attacks hit four websites, those of President Tsai Ing-wen, the National Defense Ministry, the Foreign Affairs Ministry, and the […]
A new Android malware called ‘Autolycos’ installed over 3 million times is surfing on the Google Play Store by secretly subscribing users to its premium services. Maxime Ingrao, Security Researcher from Evina found the new android malware ‘Autolycos’, which is available on the Google Play store at present. There are two applications that are still […]
SHI International Corp., formerly called Software House International, is a privately-owned provider of technology products and services, headquartered in Somerset, New Jersey. On July 4th, SHI was hit by a professional malware attack that indeed caused various disruptions. SHI has been counted among North America’s top 15 largest providers of IT solutions. It has 5,000 […]
Two months have passed since the Black Basta Ransomware first surfaced. Nearly 50 victims have already been reported from the following countries:- The U.S. Canada The U.K. Australia New Zealand This ransomware is a ransomware-as-a-service, which means that you can contract the malware and use it for a fee. Industries Targeted The Cybereason security experts […]
QNAP released a security advisory detailing the critical PHP vulnerabilities that allow an attacker to Remote Code on QNAP NAS Devices. According to the advisory, “A Vulnerability has been reported to affect PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24, and 7.3.x below 7.3.11 with improper nginx configuration. If exploited, the vulnerability allows attackers to […]
The Chinese hacking group known as Tropic Trooper was attributed to a new campaign discovered by cybersecurity researchers at CheckPoint. In this case, a new variant of the Yahoyah trojan is being used along with a new loader called Nimbda. In addition, the trojan is embedded in a Greyware tool designed for DoS attacks against […]
An active exploit in the wild for a vulnerability in the Apple Safari web browser has been publicly revealed by the Google Project Zero team. CVE-2022-22620 is the number assigned to the vulnerability. As of 2016, experts have discovered a way to bypass the fix that was implemented back in 2013. Since the flaw was […]
Technology is evolving at a rapid pace and along with it, the threat actor behind the BRATA banking trojan has also improved the malware to release more features that are capable of stealing information. Cleafy, a digital security company specializing in mobile security, has been tracking BRATA campaigns for the past few months. While the […]
An APT group named GALLIUM has recently been using a new and hard-to-detect remote access trojan named PingPull. The trojan is being identified by the security experts at Unit 42 security firm as a part of their research. In addition to monitoring several APT groups, unit 42 also monitors its own infrastructure as well. GALLIUM […]
The recently emerged ‘FakeCrack’ campaign has been disclosed by the researchers of Avast. The malware campaign tempts users into downloading fake cracked software. Researchers say the bad actors behind the campaign have utilized a vast infrastructure to deliver malware and steal personal and other sensitive data, including crypto assets. The Black SEO Mechanism The infection […]
There has been a warning from security experts about malware first identified as SMSFactory, an Android-based threat. Through the malware, the victims are subscribed to premium services at an unnecessary cost, which is really expensive. While Avast has not disclosed how many victims have been affected by the attack, there have been hundreds of attempts […]
There has been an increasing amount of interest in targeting the Windows Subsystem for Linux (WSL), due to the fact that they continue to develop new malware, as hackers continue to analyze WSL for potential exploits. Having such a sample available for espionage purposes and for the downloading of extra malicious components would be acceptable. […]
Currently, a new botnet extends its reach with the help of code originating from various pieces of malware. The company is doing so by rapidly adding exploits for several vulnerabilities recently identified in the following things:- Web servers Content management systems IoT Android devices As of March, when the latest analysis of the botnet emerged, […]
It has been observed by researchers from Microsoft that credit card skimmers are on the rise, in which threat actors are employing more sophisticated methods in order to hide their malicious code that steals information from consumers. In order to avoid detection, threat actors hide their code snippets in image files, inject them into web […]
In an analysis published recently by specialists at Check Point Research, a new spy campaign was discovered, dubbed “Twisted Panda”. This spy operation primarily targeted two Russian defense institutes and a research facility in Belarus. In the course of an ongoing espionage campaign that has been taking place for several months, this campaign forms part […]
The contestants who successfully exploited 16 zero-day bugs within 16 different products in the Pwn2Own Vancouver 2022 first day won more than $800,000 in prize money. The product line includes:- Microsoft Windows 11 (OS) Microsoft Teams (communication platform) First Day: Microsoft Teams and Windows 11 Hacked In the enterprise communications category, Microsoft Teams was the […]
Several hackers have newly begun exploiting a recently patched critical vulnerability, identified as CVE-2022-30525, which is affecting business firewall and VPN devices from Zyxel. In response to this vulnerability, the cybersecurity experts at Rapid7 have discovered that a number of Zyxel firewalls supporting ZTP like the ATP series, the VPN series, and the USG FLEX […]
The database containing 10GB worth of user information of three VPN services such as ChatVPN, SuperVPN, and GeckoVPN was leaked in the Telegram Groups. On May 7th, 2022, the data of 21 million users was leaked, exposing the personal details and login credentials of the users. The Data Breach: Telegram uses encryption and offers its […]
NAS device maker QNAP released software updates for its network-attached storage (NAS) products on Friday. While this updated software package is focused on patching multiple security flaws. All these flaws could enable the threat actors to get access and steal sensitive data. Among all the detected vulnerabilities, there is one that could allow the threat […]
Experts from Trellix discovered that VHD Ransomware was linked to North Korea’s cyber army. The cyber-army of North Korea has been divided into several units, all of which have different tasks and report to ‘Bureau (or Lab) 121’. Unit 180, also known as APT38 is responsible for the attacks on foreign financial systems, including banks […]