Browsing tag
Researchers discovered a fake photo editing apps which are used by cybercriminals to launch MobOk Malware that takes complete control of the infected Android device. Threat actors are targeting Android users through legitimate Google play store app and hiding this malware to steal money by letting users subscribe to premium services. Two photo editor apps […]
Information security service experts report that a Florida city agreed to pay a ransom of about $600,000 to a hacker group that took control of its computer systems; thousands of similar incidents have recently been reported around the world. Riviera Beach City Council decided, by unanimous vote, to yield to the demands of hackers, as […]
Kaspersky security team has discovered a new strain of malware called Plurox, which packs a cryptominer, backdoor, and worm-like plugins, all into one. Plurox is a cut above the regular malware. It comes with advanced capabilities that can spread the malware laterally to more systems and mine cryptocurrency using one of its eight different plugins. […]
Another U.S. city bites the dust, as Riviera, a city in Florida with a population of 6-million residents had its local government computers infected by a ransomware. City officials embarrassingly agreed to pay the ransomware authors demand, to the tune of $600,000 just to recover the city’s encrypted data. The amount is considered by the […]
A few months ago, specialists in digital forensics analysis of security firm Kaspersky analyzed Plurox, a backdoor detected in some attacks that occurred in early 2019, discovering that this malware has some features with high harmful potential. In their research, experts discovered that malware can spread across a local network via an exploit, access the […]
A new malware dubbed Plurox spread itself over the local network using EternalBlue exploit and let attackers gain access to the network to install miners and other malware on the victim’s machine. The malware is modular, which means; attackers can expand its functionality by adding additional plugins, as required. Kaspersky researchers discovered the malware in […]
Researchers discovered new malicious Android apps from Google Play Store bypassing SMS-based two-factor authentication (2FA) mechanisms and steal the OTP without SMS’s permission. Google recently restrict other apps to use of high risk or sensitive permissions, including the SMS or Call Log in March 2019 that leads malware and credentials stealing apps lost its permissions. Newly uncovered malicious apps […]
Any person who has ever used a computer has probably heard the term “malware.” It is everywhere, and the general consensus is that we have to be careful and protect ourselves from it. But what is the malware definition? What is it and why are people afraid of it? The first thing you have to […]
A couple of years ago the Mirai botnet put thousands of system administrators in trouble before being dismantled; however, website security audit experts claim that malware developers keep using this source code as the basis for new variants of the botnet to exploit Internet of Things (IoT) devices. New versions of the botnet appear with […]
Alex Jones is now offering $1 million to catch attacker who behind the malware attack. Alex Jones, the founder of InfoWars, and his lawyer Norm Pattis claimed on Friday that someone sent malware on InfoWars servers and which ended up planting child pornography content on the servers. To catch and convict the real culprit, Jones […]
Here in hackercombat.com, we feature stories of virus infection, phishing incidents and other issues involving private and public sectors because of external risks. However, IT troubles in companies are not really made by outsiders, but human error inside the organization. It is necessary to think about how employees really think about the notion of “do […]
Specialists in IT security audits of the Kaspersky security firm recently published a report that talks about the cybercriminals’ growing interest in attacking the companies that are part of the video game industry. Experts found that, just this year, threat actors have launched more than 10 billion of credential-stuffing attacks against online gaming platforms and […]
FIN8 hacker group is back with a new highly sophisticated variant of the ShellTea malware and carried out attacks against hotel and entertainment industry. This would be the first attack by FIN8 hacker group in 2019, and it is believed that malware was deployed as a result of a phishing attack. Researchers from Morphisec Labs […]
A group of web application security experts from Trend Micro firm have detected a hacking campaign against Oracle WebLogic Server implementations to install malicious cryptocurrency mining software. Hackers exploit a vulnerability to install the miner bypassing the detection of system administrators. The National Vulnerability Database (NVD) published last April the security alert regarding a severe […]
The Philadelphia online court system has been closed for a month due to a virus that has interrupted access to the network, report specialists from the IICS’s cybersecurity course. “Suddenly the systems started to fail, I even thought the problem was on my computer”, said one of the system managers. This incident, in addition to […]
Triada Banking Trojan came Preinstalled as Backdoor in Budget Android Smartphones- Google Confirms. It would probably be the first time ever in Google’s history that the company has revealed details of the tenacity and success of malware dubbed as Triada. Triada malware was discovered in 2017 and came pre-installed on Android devices. It was believed […]
Nowadays all our activities highly depend on the Internet that includes shopping financial services, communication, entertainment and number of other services. The Internet empowers several techniques; on the other hand, it poses certain dangers. According to the recent reports, we can see a massive increase in various threats and the sophistication method followed by the […]
Hackers abuse Oracle WebLogic Server Vulnerability CVE-2019-2725 to deliver Monero Miner. The vulnerability is easily exploitable, any unauthenticated attacker with HTTP access to the server can attack without authentication. Trend Micro observed a new cryptocurrency-mining activity involving the vulnerability and to hide the malicious code they used certificate files. Malware Infection Malware exploits CVE-2019-2725 to […]
Threat actors from MuddyWater APT groups now add a new set of latest exploits to their hacking arsenal and tactics, techniques and procedures (TTPs) to target government entities and telecommunication sectors. Iran sponsored MuddyWater group operating by advanced persistent threat actors and this APT group was initially spotted in 2017, they are mainly targeting the […]
After a long time, the cryptocurrency mining script known as Coinhive has finally ceased to be a problem for system administrators and website visitors. However, cryptojacking remains one of the main cybersecurity threats. Specialists in IT security services have discovered a new malware variant that takes advantage of the victims’ hardware to mine virtual assets. […]
A new malware dubbed BlackSquid bags eight notorious exploits to drop XMRig Monero cryptocurrency miner targeting web servers, network drives, and removable drives. The malware employs several anti-virtualization, anti-debugging, and anti-sandboxing methods to avoid detection. If the malware detects any sandboxes, it immediately cancels the infection process to avoid detections. Trend Micro observed that BlackSquid […]