Browsing tag: malware

New sophisticated Malware campaign Leveraging NSA Exploits to Mine Monero on Windows and Linux Systems

A new, sophisticated malware campaign dubbed “Zealot” leverages NSA exploits to target Windows and Linux systems and mine Monero on internal networks. Security researchers from F5 Networks identified the “Zealot” campaign targeting internal networks using the NSA exploits EternalBlue and EternalSynergy. The Zealot campaign is highly obfuscated and can deliver multistage attacks. It exploits unpatched Apache […]

Attackers use TRITON malware to target industrial control systems (ICS)

Security researchers from FireEye and Dragos have discovered a nasty piece of malware targeting industrial control systems (ICS). The malware (called “TRITON” and “TRISIS”) was discovered after it was used against a victim in the Middle East and unintentionally led to an automatic shutdown of the industrial process. TRITON has been specially designed to target […]

New Malware “TRITON” Manipulate and Shutdown the Industrial Control Systems

A dangerous malware family called “TRITON” is being distributed to attack industrial control systems, triggering an emergency shutdown of industrial processes. Researchers believe this malware is capable of causing physical damage and inadvertently shutting down operations. A Distributed Control System (DCS) provides human operators with the ability to remotely monitor and control an […]

Hackers Deploy Triton Malware to Shut Down Power Station

Cybersecurity firm FireEye’s Mandiant subsidiary responded to an incident caused by new malware attempting to target the industrial safety systems of a critical infrastructure plant. The Triconex industrial safety technology developed by Schneider Electric SE was targeted with the malware with the sole aim of causing physical damage. The malware has been dubbed TRITON […]

Still Stealing

Two years ago, in October 2015, we published a blog post about a popular malware family that was being distributed from the Google Play Store. Over the next two years we detected several similar apps on Google Play, but in October and November 2017 we found 85 new malicious apps on Google Play that steal credentials for VK.com. […]

Banking malware on Google Play targets Polish banks

Another set of banking Trojans has found its way past Google Play’s security mechanisms, this time targeting a number of Polish banks. The malware managed to sneak into Google Play disguised as seemingly legitimate apps “Crypto Monitor”, a cryptocurrency price tracking app, and “StorySaver”, a third-party tool for downloading stories from Instagram. Besides delivering the […]

Microsoft Has Fixed A Critical Vulnerability In Malware Protection Engine

On Wednesday, Microsoft released a patch for the Microsoft Malware Protection Engine (MPE) to fix a critical-severity remote code execution (RCE) flaw in it. The vulnerability (tracked as CVE-2017-11937) was discovered by the UK’s National Cyber Security Centre (NCSC); it could lead to memory corruption and enable an attacker to execute arbitrary code […]

Linux.ProxyM used to Launch Numerous Hacking Attempts against Websites through Various Methods (SQL injections, XSS, LFI)

The Linux.ProxyM malware is well known for infecting almost any Linux device, including routers, set-top boxes, and other equipment. It compromises the device and launches a SOCKS proxy server on it. It has been involved in various activities: in June it was used by cybercriminals to target Raspberry Pi devices for mining cryptocurrency, in September […]
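The SQL injection, XSS and LFI probes that the report attributes to Linux.ProxyM leave recognisable traces in ordinary web-server access logs. The Python script below is an added example, not code from the original article: it parses combined-format log lines, percent-decodes the request URI (attackers often double-encode), tags each request with a small set of illustrative signatures for the three attack classes, and counts hits per client IP. The log lines, the IP addresses (documentation ranges) and the signature patterns are all constructed for this example and are far narrower than a real WAF ruleset.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import unquote_plus

# One "combined" access-log line: client IP, identd, user, [timestamp], "request line", status, bytes.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) (?P<proto>\S+)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Narrow, illustrative signatures for the three attack classes named in the report.
# They show the mechanism; they are not a complete or evasion-resistant ruleset.
SIGNATURES = {
    "sqli": re.compile(
        r"(?i)\bunion\b\s+(?:all\s+)?\bselect\b"   # UNION-based data extraction
        r"|'\s*or\s+'?\d+'?\s*=\s*'?\d+"           # tautology such as ' or '1'='1
        r"|\b(?:sleep|benchmark)\s*\("              # time-based blind probes
        r"|;\s*drop\s+table\b"                      # stacked query
    ),
    "xss": re.compile(r"(?i)<script\b|javascript:|\bon(?:error|load|mouseover)\s*="),
    "lfi": re.compile(r"(?i)(?:\.\./){2,}|/etc/passwd|/proc/self/environ|php://(?:filter|input)"),
}


def normalize(uri, rounds=3):
    """Percent-decode repeatedly (double encoding is common) until the string stops changing."""
    for _ in range(rounds):
        decoded = unquote_plus(uri)
        if decoded == uri:
            break
        uri = decoded
    return uri


def classify(uri):
    """Return the set of attack classes whose signature matches the decoded URI."""
    decoded = normalize(uri)
    return {name for name, rx in SIGNATURES.items() if rx.search(decoded)}


def scan_log(lines):
    """Map each client IP to a Counter of attack classes seen in its requests."""
    hits = defaultdict(Counter)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        for tag in classify(m.group("uri")):
            hits[m.group("ip")][tag] += 1
    return dict(hits)


# Constructed sample lines (not from a real server); 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
SAMPLE_LOG = [
    '203.0.113.10 - - [12/Dec/2017:10:15:01 +0000] "GET /index.php?id=1 HTTP/1.1" 200 512',
    '203.0.113.10 - - [12/Dec/2017:10:15:03 +0000] "GET /index.php?id=1%27%20UNION%20SELECT%20user,pass%20FROM%20users-- HTTP/1.1" 200 1044',
    '203.0.113.10 - - [12/Dec/2017:10:15:05 +0000] "GET /search.php?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 340',
    '203.0.113.10 - - [12/Dec/2017:10:15:07 +0000] "GET /page.php?file=../../../../etc/passwd HTTP/1.1" 404 210',
    '203.0.113.10 - - [12/Dec/2017:10:15:09 +0000] "GET /page.php?file=php://filter/convert.base64-encode/resource=config.php HTTP/1.1" 200 3000',
    '198.51.100.7 - - [12/Dec/2017:10:16:00 +0000] "POST /login.php HTTP/1.1" 302 0',
]

if __name__ == "__main__":
    for ip, counts in scan_log(SAMPLE_LOG).items():
        print(ip, dict(counts))
```

Run against a real log, the per-IP counters are what you would feed into a blocklist or a SIEM alert; the decode loop matters because a single `unquote` misses `%252e%252e%252f`-style double-encoded traversal.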

Vulnerability in Intel Chip Puts Million of Devices at Risk

Intel, the chip-making giant, is in the news for all the wrong reasons. It has been reported that its chips have vulnerabilities that put millions of devices at risk. Researchers from Positive Technologies, speaking at the Black Hat Europe conference, said that a particular flaw in an Intel chip stands to make devices […]

A New WordPress Malware called “wp-vcd” Distributes Via Pirated Themes

Denis Sinegubko (a security researcher from Sucuri) has discovered a new wave of the known malware wp-vcd, which injects malicious WordPress admin users into vulnerable or hacked websites. The researcher said that the wp-vcd malware comes preinstalled inside pirated WordPress premium themes published for free download on some websites; he noticed that the malicious […]

Process Doppelgänging attack affects all Windows version & evades AV products

Researchers at endpoint security firm enSilo have identified a new attack that affects all Windows versions and allows attackers to use built-in Microsoft Windows features to evade detection by prominent anti-virus products and infect a targeted device with malware. Dubbed ‘Process Doppelgänging’ by Tal Liberman and Eugene Kogan of enSilo, the attack was demonstrated during Black Hat […]

New Malware Evasion Technique Works On All Windows Versions

A team of security researchers has discovered a new malware evasion technique that could help malware authors defeat most modern antivirus solutions and forensic tools. Dubbed Process Doppelgänging, the new fileless code injection technique takes advantage of a built-in Windows function and an undocumented implementation detail of the Windows process loader. enSilo security researchers Tal Liberman and Eugene […]

Authorities dismantle Andromeda Botnet that infected millions of devices

In an international cyber operation, law enforcement authorities have dismantled a massive botnet called Andromeda (also known as Wauchos and Gamarue), associated with 80 malware families and compromising millions of Windows-based computers worldwide. Andromeda was developed in September 2011 to infect the computer systems of unsuspecting users, steal personal data and install additional malware on the device from 80 […]

Malware display fake BSOD to sell phony Windows anti-virus for $25

Microsoft has a never-ending malware problem; in fact, millions of Windows devices worldwide have been plagued with some sort of malicious software. Recently, IT security researchers at Malwarebytes discovered a Windows tech support scam in which users are first infected with malware and then tricked into spending $25 via PayPal to purchase a Windows […]

MS Office’ Default Function Can Be Used to Create Self-Replicating Malware

Italian security researcher Lino Antonio Buono discovered a security flaw that affects almost all versions of Microsoft Office. According to Buono’s findings, this vulnerability can let hackers create and distribute macro-based, self-replicating malware and hide it behind unsuspecting MS Word documents. Buono, who works at InTheCyber, explained that self-replicating malware could allow […]

macOS Malware Notorious for Its Data Stealing Capabilities Is Back

The Mac malware Proton is spreading by impersonating a legitimate security company. Security researchers spotted criminals using search poisoning to reach more targets and leverage Symantec’s credibility in the industry. The attackers created a fake site imitating the real website of the Symantec security firm, mirroring the content of the original. “The malware […]

PortEx – Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness and anomaly detection. PortEx is written in Java and Scala and is targeted at Java applications.

Features:
- Reading header information from: MSDOS Header, COFF File Header, Optional Header, Section Table
- Reading standard section formats: Import Section, […]
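To show what the header parsing and malformation robustness listed above actually involve, here is an added Python example; it is not PortEx code and does not use the PortEx API (PortEx itself is Java). It walks the MZ stub, e_lfanew, PE signature, COFF header, optional header and section table of a PE32 image, bounds-checks every read against the buffer length, and records implausible values (a NumberOfSections that cannot fit in the file, section raw data hanging past end of file, an entry point outside every section) as anomalies instead of trusting them. The two sample images are built in-script by a small assembler helper and are constructed for illustration, not real malware; the particular anomaly checks are this example's choices.

```python
import struct

COFF_HDR = struct.Struct("<HHIIIHH")         # IMAGE_FILE_HEADER (20 bytes)
SECTION_HDR = struct.Struct("<8sIIIIIIHHI")  # IMAGE_SECTION_HEADER (40 bytes)
OPT_HDR_SIZE = 224                           # PE32 optional header incl. 16 data directories


def parse_pe(data):
    """Walk MZ -> e_lfanew -> PE\\0\\0 -> COFF -> optional header -> section table.

    Every offset is checked against len(data) before it is read, and hostile
    header values are reported in 'anomalies' rather than trusted, so a lying
    NumberOfSections or PointerToRawData cannot push the parser off the buffer."""
    size, anomalies = len(data), []
    if size < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 4 + COFF_HDR.size > size:
        raise ValueError(f"e_lfanew {e_lfanew:#x} points past end of file")
    if e_lfanew < 0x40:
        anomalies.append("e_lfanew overlaps the DOS header")
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff_off = e_lfanew + 4
    machine, n_claimed, _, _, _, opt_size, _ = COFF_HDR.unpack_from(data, coff_off)
    opt_off = coff_off + COFF_HDR.size
    opt = {}
    if opt_size >= 96 and opt_off + 96 <= size:
        magic = struct.unpack_from("<H", data, opt_off)[0]
        if magic in (0x10B, 0x20B):  # PE32 / PE32+: same layout except ImageBase
            opt["magic"] = magic
            opt["entry"] = struct.unpack_from("<I", data, opt_off + 16)[0]
            if magic == 0x10B:
                opt["image_base"] = struct.unpack_from("<I", data, opt_off + 28)[0]
            else:
                opt["image_base"] = struct.unpack_from("<Q", data, opt_off + 24)[0]
            opt["section_align"], opt["file_align"] = struct.unpack_from("<II", data, opt_off + 32)
            opt["size_of_image"], opt["size_of_headers"] = struct.unpack_from("<II", data, opt_off + 56)
        else:
            anomalies.append(f"unknown optional header magic {magic:#x}")
    else:
        anomalies.append("optional header missing or truncated")

    sect_off = opt_off + opt_size
    n_fit = max(0, (size - sect_off) // SECTION_HDR.size)  # headers that physically fit
    if n_claimed > n_fit:
        anomalies.append(f"NumberOfSections {n_claimed} exceeds the {n_fit} headers that fit in the file")
    sections = []
    for i in range(min(n_claimed, n_fit)):
        name, vsize, va, rsize, rptr, *_ = SECTION_HDR.unpack_from(data, sect_off + i * SECTION_HDR.size)
        sec = {"name": name.rstrip(b"\0").decode("latin-1"), "va": va, "vsize": vsize,
               "raw_ptr": rptr, "raw_size": rsize}
        # Python ints do not wrap, so rptr + rsize cannot overflow like a C uint32 sum would.
        if rptr + rsize > size:
            anomalies.append(f"section {sec['name']!r} raw data [{rptr:#x}, {rptr + rsize:#x}) "
                             f"lies outside the {size:#x}-byte file")
        sections.append(sec)
    if "entry" in opt and sections and not any(
            s["va"] <= opt["entry"] < s["va"] + max(s["vsize"], s["raw_size"]) for s in sections):
        anomalies.append(f"entry point {opt['entry']:#x} is not inside any section")
    return {"machine": machine, "sections_claimed": n_claimed, "optional": opt,
            "sections": sections, "anomalies": anomalies}


def build_pe(sections, claimed_sections=None, entry=0x1000, file_len=None):
    """Assemble a minimal PE32 image from (name, va, vsize, raw_ptr, raw_size) tuples.

    claimed_sections lets NumberOfSections lie; file_len lets raw data hang off the end."""
    n = len(sections)
    hdr_len = 0x40 + 4 + COFF_HDR.size + OPT_HDR_SIZE + SECTION_HDR.size * n
    size_of_headers = (hdr_len + 0x1FF) & ~0x1FF
    if file_len is None:
        file_len = max([size_of_headers] + [p + s for _, _, _, p, s in sections])
    img = bytearray(file_len)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x40)                         # e_lfanew
    img[0x40:0x44] = b"PE\0\0"
    COFF_HDR.pack_into(img, 0x44, 0x14C, n if claimed_sections is None else claimed_sections,
                       0, 0, 0, OPT_HDR_SIZE, 0x0102)                # i386, EXECUTABLE|32BIT
    opt = 0x44 + COFF_HDR.size
    struct.pack_into("<HBB", img, opt, 0x10B, 14, 0)                # PE32 magic, linker version
    struct.pack_into("<II", img, opt + 16, entry, 0x1000)           # AddressOfEntryPoint, BaseOfCode
    struct.pack_into("<III", img, opt + 28, 0x400000, 0x1000, 0x200)  # ImageBase, SectionAlign, FileAlign
    size_of_image = max(va + ((vs + 0xFFF) & ~0xFFF) for _, va, vs, _, _ in sections)
    struct.pack_into("<IIIH", img, opt + 56, size_of_image, size_of_headers, 0, 3)  # ..., Subsystem=CUI
    struct.pack_into("<I", img, opt + 92, 16)                       # NumberOfRvaAndSizes
    for i, (name, va, vs, ptr, rs) in enumerate(sections):
        SECTION_HDR.pack_into(img, opt + OPT_HDR_SIZE + i * SECTION_HDR.size,
                              name.ljust(8, b"\0"), vs, va, rs, ptr, 0, 0, 0, 0, 0x60000020)
    return bytes(img)


# Constructed sample images (not real binaries): one well-formed, one with lying headers.
VALID_PE = build_pe([(b".text", 0x1000, 0x100, 0x200, 0x200),
                     (b".data", 0x2000, 0x40, 0x400, 0x200)], entry=0x1010)
MALFORMED_PE = build_pe([(b".text", 0x1000, 0x100, 0x800, 0x200)],
                        claimed_sections=0xFFFF, entry=0x5000, file_len=0x400)

if __name__ == "__main__":
    for label, blob in (("valid", VALID_PE), ("malformed", MALFORMED_PE)):
        r = parse_pe(blob)
        print(label, [s["name"] for s in r["sections"]], r["anomalies"] or "no anomalies")
```

The malformed image is the kind of input that crashes naive parsers: it claims 65535 sections in a 1 KiB file and points its only real section past end of file. Capping the section loop at what physically fits, and checking raw-data ranges with arbitrary-precision integers, is what makes a static analyser safe to run unattended on untrusted samples.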

Sacramento Regional Transit System in California Held for $7,000 Ransom

On Saturday night, an unknown hacker targeted the Sacramento Regional Transit System (RT or SacRT) in California, hacking into its website along with its critical cyber infrastructure. At first, the hacker defaced the site, left a message and pretended to be one of the good guys who hack and report to affected authorities so […]