Browsing tag
Recent research revealed that most of the ATM’s around the world are vulnerable to compromise and cash out from the ATM by attackers within 30 min. Cyber criminals are using various sophisticated methods including physical access and remote access by compromise the bank network in order to steal the money from ATM. Recent ATM based […]
Today, there are two tried and tested ways for cybercriminals to effectively earn a lot of income. The first one is what we are very familiar with, due to its strong possibility of causing the user to lose a massive amount of data — ransomware, while the second one is very new and operate covertly […]
“DarkGate” malware uses Akamai, AWS DNS records and multiple payloads for cryptomining, credential theft and endpoint takeover. A sophisticated malware campaign has been identified by an enSilo researcher that hasn’t been detected before and is quite advanced than many of the malware identified before. It has been dubbed as DarkGate by the developer, reports researcher […]
When news broke about Cambridge Analytica, the Internet went into a frenzy: “How could Facebook do this!” “Facebook should be made accountable!” Besides the fact that I think the whole Cambridge Analytica issue was blown out of proportion, I believe bigger issue is the fact that very few people are willing to be responsible for their […]
2017 was a year of ransomware, primarily the WannaCry malware that made $4 billion in profits from the ransom payments of its poor victims globally. This year is a bit of a mash-up, with the rise of the cryptocurrency mining malware in prominence and the resurgence of banking trojans ready to bite its next victim. […]
Malware hidden inside Simple Call Recorder app tricks user in downloading and installing an additional app. Security researcher Lukas Stefanko discovered the malicious Simple Call Recorder app that uploaded on Google Play on November 30, 2017, and the app has more than 5,000 installs. The app was published by FreshApps Group, the main purpose of […]
Update your GDPR Compliance plugin right now. Security researchers have identified a critical vulnerability in the popular WP GDPR Compliance plugin assisting over 100,000 website owners around the world to comply with European privacy regulations known as GDPR that was announced by European Union on May 25th, 2018. The vulnerability was discovered by researchers at Wordfence which allows hackers to […]
The Lazarus hackers have been using the FastCash Trojan on obsolete AIX servers to steal tens of millions of dollars The researchers of the information security and digital forensics firm Symantec have discovered the malware tool that Lazarus, North Korea’s famous hacker group, has been using for a couple of years to steal millions of dollars […]
The South Korean hackers’ were arrested for injecting malware in the computer of over 6,000 people. The Korean National Police Agency Cyber Bureau and local police have joined efforts to arrest a group of five hackers led by Kim Amu-Gae, 24, which have released 32,435 emails containing a crypto mining malware. These emails were sent […]
There are several malicious apps on the Google Play Store that can steal your bank info like login credentials and send fake texts to extract sensitive information. These apps masquerade as battery managers, cleaners, device boosters, and even horoscope-themed apps. Usually, such malicious apps impersonate legitimate banks and display bogus login screens to steal your […]
BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis. BlobRunner allocates memory for the target file and jumps to the base (or offset) of the allocated memory. This allows an analyst to quickly debug into extracted artifacts with minimal overhead and effort. To use BlobRunner, you can download the compiled executable […]
Cybercriminals group behind the SamSam Ransomware continuously targeting various organizations network which is located in different countries in order to encrypt the sensitive data. This is one of the ransomware which is highly active in 2018 to break down the 67 different types of organization network across the world especially in the U.S. Mainly targeting […]
FridaExtract is a Frida.re based RunPE extraction tool. RunPE type injection is a common technique used by malware to hide code within another process. It also happens to be the final stage in a lot of packers : ) NOTE: Frida now also supports extraction of injected PE files using the “MapViewOfSection” technique best described […]
Outlaw Hacking group uses command injection vulnerability in IoT devices and Linux servers to distribute botnets. The threat actors compromised the FTP servers of Japanese institution and Bangladeshi government site. Security researchers from TrendMicro uncovered the hacking operation named “Outlaw”, the hacker group used compromised servers and linked to availability cluster to host an IRC […]
The employee infected a government network, in addition to some devices Cybersecurity and digital forensics researchers found that a US government network had been infected with malware by a civil servant and his “extensive background” of pornography consumption on his office computer. An audit conducted by the US Department of the Interior’s inspector general found that a […]
Emotet Malware re-emerging to perform mass email exfiltration with a new form of infection capabilities to steal sensitive Email data directly from victims Email Client. The US-Cert team already issued an alert for an advanced Emotet malware attack that targets governments, private and public sectors in the most destructive way to steal various sensitive information. […]
Due to the carelessness of an employee, who apparently was a porn fan, the network of the satellite imaging facility, the U.S. Geological Survey (USGS) at the EROS Center, South Dakota got infected with malware. An audit carried out by the U.S. Department of the Interior’s inspector general reportedly identified the extensive history of porn […]
An Employee of US Geological Survey (USGS) has a habit of watching pornography contents during Work hours and visiting the extensive history of porn websites which drop malware on Government Network. U.S. Geological Survey (USGS), U.S based Earth Resources Observation and Science (EROS) Center provide science about the natural hazards that threaten lives and livelihoods; the water, […]
The downloader malware dubbed Android.DownLoader.819.origin malware found on Google play downloaded by more than 51,100 Android users. The downloader malware is capable of installing other malicious applications on the affected devices and launches them. Doctor Web security researchers found 14 copies of the malicious application distributed by Quoac developer disguised as games. The Android.DownLoader.819.origin is […]
An unpatched bug that abusing Microsoft word Online Video future that allow an attacker to deliver malicious files into the victim’s system. A bug that existing in the JavaScript code execution within the office-embedded video component leads attackers to execute the malicious code. This flaw affected Office 2016 and older versions and it will not […]
Researchers discovered a new malware that abusing two legitimate windows files and use it against compromised victims to steal sensitive information. One file wmic.exe is a command line utility and the other file certutil.exe is a program that manages certificates for Windows. These files are used for download the payload on the infected windows machine […]