Browsing tag
“JM Bullion” company is one of the largest and most premier online retailers of precious metals like gold, silver, copper, platinum, and palladium products in the world. JM Bullion, Inc. (“JM Bullion”) and the “Provident Metals”(a subsidiary of JM Bullion company) has disclosed a data breach after their website was hacked to include malicious scripts that […]
A database of over 350 million customer records exposed from unsecured Elasticsearch cluster belonging to voice over-internet-protocol company Broadvoice. The database was uncovered by security researcher Bob Diachenko, on October 1. He observed that the unprotected Elasticsearch cluster contained several information found unprotected. What are the Data Exposed An amount of 350 million customer records […]
Hackers compromised the Asian food delivery service Chowbus and stole customer information such as customer names, email addresses, phone numbers, and mailing addresses. Chowbus founded in 2015, it is a mobile-based food delivery App that let customers order from local restaurants in cities around the USA, Australia, and Canada. Chowbus Users Affected Chowbus customers started […]
A new malicious downloader dubbed “DePriMon” registers itself as fake Windows Default Print Monitor to achieve persistence and to execute commands as a SYSTEM user. The DePriMon malware found to be active at least from March 2017, it was detected first in a private company based in Central Europe. It is well-written malware and the […]
OnePlus discloses a security breach, the company says that hackers accessed customers’ personal information users’ name, contact number, email and shipping address. The security incident was identified by OnePlus last week, some unauthorized user accessed the database where the customer’s information is stored. The company took immediate steps to stop the intrusion and informs impacted […]
A new JavaScript skimmer dubbed Pipka attacks eCommerce websites to steal the payment data entered into online payment forms of the websites. It extracts details such as payment account number, expiration date, CVV, and cardholder name and address, from the checkout pages. The Pipka found to be installed on more than sixteen eCommerce websites, the […]
Researchers discovered a new malware campaign that drops two different Remote Access Trojan(RAT) on targeted Windows systems and steal sensitive information from popular browsers such as Chrome and Firefox. The samples that uncovered by Fortinet researchers drop the RevengeRAT and WSHRAT malware and it has various obfuscation functionalities that use the various stage to maintain […]
Researchers discovered seven malicious apps from Google play store that drops malware and adware on Android users and opens backdoor access to the attackers. These apps installed over 11,000 Android users from Google Play. These apps perform various malicious activities including drain device battery and consume excessive amounts of mobile data. Mobile malware is continuously […]
Researchers observed a persistent malicious Android dropper app dubbed XHelper capable of reinstalling itself again if users uninstalled from the devices. The malicious app is persistent, once the app installed it hides and downloads other malware, displays pop-up ads. The malware found to be downloaded from unknown sources, not available with Google play. Android Trojan […]
Researchers found nearly 8 Million Android users infected with adware that hides in the phone and display ads as per the attacker’s command. Researchers from ESET security identified dozens of apps with such behavior. In total 43 apps observed on Google play with more than eight million installations, the campaign was tracked since July 2018. […]
Gustuff banking malware returns with new features, the threat actors behind Gustuff malware made changes with distribution hosts and disabled C2 infrastructure. The malware uses SMS messages for propagation. The Gustuff malware is a fully automated one, the malware is capable of stealing login credentials by abusing Accessibility Services in Android devices. Researchers observed that […]
Cyberattacks rapidly growing every day, it emerges as one of the biggest challenges for businesses. Network intruders and ransomware developer groups develop an alliance with each other to maximize the revenue with the ransomware market. They partnership together to attack the most secure and lucrative targets. AdvIntel report shows how the underground community developing multidimensional […]
Turla APT threat actors distribute a new malware called Reductor, a successor of COMpfun to compromise the TLS encrypted web traffic and infect the targeted network. Reductor malware has exclusive RAT functionality with the ability to such as uploading, downloading, and executing files on victims’ networks by manipulating digital certificates. Researchers believe that the malware […]
A new malware campaign with the Adwind RAT variant particularly targets the petroleum industry in the US. Adwind, a.k.a Unrecom, Sockrat, JSocket, and jRat is a cross-platform RAT involved in multiple campaigns and it was also distributed via malware-as-a-service in underground markets. With this campaign threat, actors used a new variant of adware RAT that […]
DoorDash announced a data breach that impacts 4.9 million consumers, Dashers, and merchants who signed up with the platform on or before April 5, 2018. The company has learned an unusual activity earlier this month, they have launched an investigation with assistance from external security researchers. The investigation determines an unauthorized third party to DoorDash […]
A new highly sophisticated malware campaign targets Tibetan groups to exploit and install spyware on their iPhone and Android devices. The spyware is delivered through WhatsApp message, all user need to do is a single click on the link to get the spyware installed on the device. The attack is documented as the first one-click […]
The world’s most active Lazarus hacking group developed a new banking malware strain dubbed ATMDtrack targets India banks to steal financial data. According to the Kaspersky report, the malware was designed to plant in ATMs, that could steal the data from the inserted card. The campaign has similarities with DarkSeoul campaign back in 2013 attributed […]
Researchers uncovered several malicious apps in the Google play poses as photo utility app and a fashion app. These malicious altogether found downloaded more than 2.1 million times. All the 25 malicious apps are published form 22 different developer accounts, but all the apps have similar structure and content. This indicates the developers of the […]
Facebook confirmed a new Instagram data-leaking bug that puts user data under risk. The vulnerability lets hackers access sensitive information such as account details and phone numbers. The vulnerability in Instagram was discovered by an Israeli hacker with Twitter handle @ZHacker13. The vulnerability opens the gateway for threat actors to abuse the user data. How […]
Hackers using Captcha to hide the presence of malware and to evade email security gateways. By using this technique attackers show that email is sent human and evades detection. Attackers use various social engineering methods to trick the users to believe the emails is from a legitimate source, here the email’s are from a compromised […]
Cybercriminals compromise the New Bedford, Massachusetts city computers with the Ryuk Ransomware and demanding $5.3 million to unlock the compromised computers. July 5, 2019, City of New Bedford’s Management Information Systems (MIS) identified the ransomware that infected several computers. Soon after detection the MIS staff disconnected the City’s computer servers and shut down systems. But the […]