Browsing tag
The cybersecurity researchers at Trend Micro have discovered A new malware strain tapped into GitHub posts and Slack channels. Dubbed Slub by researchers; the malware works by exploiting a VBScript engine vulnerability that is classified as CVE-2018-8174 (patched by Microsoft last year). By doing so, the malware can compromise authentic, genuine websites and redirect the visitors to a fake page. When […]
While P2P file sharing isn’t illegal, torrent websites turn out to be the biggest sources to download copyright-protected media. Due to a plethora of free content available there, users visit them in large numbers and often end up infecting their PCs with malware. Along the similar lines, the researchers from Kaspersky Labs have found that a […]
Cybercriminals often use torrent services to distribute malicious code since users who look for illegal content usually disable their privacy and security settings on the web as well as ignore system notifications. Resultantly, they fall prey to adware and malware campaigns hosted by popular torrent platforms. The PirateMatryoshka, named after a traditional Russian Doll, is […]
Researchers discovered a new brute-force malware called StealthWorker that attack Windows & Linux platform via compromised E-commerce websites to steals personal information and payment data. This Stealthy malware written in Golang language which is very rarely used by malware authors and this language already being used by Mirai botnet develop module. In this case, E-commerce […]
A new malware campaign focuses on stealing online banking credentials, to gather business email address and to gains remote access to the victim machine. According to TrendMicro analysis, the fileless banking malware with multiple .BAT attachments is capable of establishing the connection with an IP address and downloads the PowerShell trojan payload and installs hack […]
We have always been stating that for any enterprise, security is not just about solutions and the technical aspects, it includes the human element as well. Every single employee who is part of an enterprise is responsible for the overall infrastructure security and hence there are some common security mistakes that, if avoided, could help […]
Mimecast has released its newest Email Security Risk Assessment Quarterly Report (ESRA) for the first quarter of 2019, which can be summarized in one phrase: “nothing is new.” The overused theme of overconfidence by firms in their fight against malicious emails that penetrate organizations as spam and phishing messages. From their study, companies globally failed […]
When it comes to malware development and infection campaigns, it does not matter where the vulnerable computer systems are located. Malware in the wild are not limiting themselves to just infecting devices from a certain region or country, they don’t respect national borders once it is already on the public Internet. Sophos has emphasized that […]
A new InfoStealer malware has been identified which targets the windows servers, stealing its sensitive data that includes the login credentials, OS version, IP addresses and also uploads the victim’s data to the FTP attacker’s server. Security researchers from Checkpoint observed a huge malware campaign that runs malicious contents specifically to steal sensitive data from […]
Threat actors from TA505 currently spreading powerful FlawedAmmyy RAT via weaponized MS Excel documents with malicious Excel 4.0 macro which is hard to detect by standard security controls. Observed FlawedAmmyy RAT sample is highly sophisticated that can control the infected victims remotely and evade the security software. TA505 threat actors are a well-known cybercrime group […]
If you are working as a security professional and interested in this specific field of knowledge, you must be known these top 10 Linux distro that suits your purpose. Remember a security-focused operating system helps hackers to discover the weaknesses in computer systems or networks. Here is a list of some top Linux distro for […]
We usually get to hear of vulnerabilities that cybercriminals exploit to expose or steal data. This time it’s the other way around; the criminals are at the receiving end. A vulnerability has helped researchers expose malware C&C servers. A vulnerability in a penetration testing tool that was being used by hackers is now helping researchers […]
Hackers implant backdoors on ‘Infrastructure as a Service’ hardware servers Network security and ethical hacking specialists from the International Institute of Cyber Security report the finding of a new vulnerability that allows hackers to leave backdoors in the firmware of physical servers that are reassigned to other users of cloud services, leaving new users vulnerable […]
Two old vulnerabilities were exploited, allegedly by Chinese hackers The Cisco network security and ethical hacking teams recently detected intrusions from malicious hackers by targeting Elasticsearch clusters to exploit previously reported vulnerabilities to perform various malicious actions such as malware injection and cryptocurrency mining, reported experts from the International Institute of Cyber Security. “Hackers are […]
Threat actors compromised the Bangladesh embassy in Cairo website and taking control to drops the weaponized word documents that contains privilege escalation flaw exploit (CVE-2017-7255). Attackers are usually distributing various malware via malspam and phishing emails which includes some of the convince action take place in order to infect the victims. But this is totally […]
Researchers have detected the first malspam campaign that delivers a malicious RAR archive to infect victim’s computer exploiting the WinRAR ACE vulnerability. The 19-year-old vulnerability was disclosed by checkpoint security researchers last week, the vulnerability resides in the WinRAR UNACEV2.DLL library. This vulnerability can be exploited by an attacker with specially crafted ACE archive and […]
Pewcrypt ransomware is a file locking malware that is not created for money extortion purposes, unlike most of the other crypto-viruses are. The author, who is most likely a fan of a popular YouTuber PewDiePie, asks users to subscribe to his channel in order to surpass the sub count of an Indian channel that uploads […]
Since 1999, Google’s name has resonated to mean “don’t be evil”, with the main goal of collecting all the world’s information and presenting it to everyone in a very digestible way. The search giant has built this good name for two-decades now, as the company celebrates its 20th anniversary this 2019. Of course, with popularity […]
Hackers deploy Emotet malware targeting retail trading industry to exfiltrate the bundles of data and to sell them on the dark web. The Emotet malware is a highly sensitive banking malware which was originally found in 2014, it is capable of stealing financial credentials, usernames, passwords and email addresses. Panda Trading Systems detected the malware […]
Researchers discovered a new malware that rapidly changing its sophisticated behavior in order to escape from the email security protection and infection the victims. It’s very common that threat actors spreading countless malware via email campaigns, at the same time email security providers are keep fighting with them to block and terminate it. But attackers […]
All know that downloading movies and software from the torrent network could infect your computer with malware, but what is more heartbreaking is when you see a popular, and trusted file uploader facilitates the process. The trusted and popular software cracks/keygens uploader for many torrent sites “CracksNow,” has now been banned from several torrent sites […]