By iZOOlogic
Shamoon malware
New variants of the Shamoon disk-wiping malware were reported to cyber security experts from Italy this week. Shamoon malware was first spotted in 2012 in the cyber-attack against Saudi Arabia and other oil companies, in which it erased data of more than 30,000 belonging to the companies. In 2016 it was spotted in the...
In a statement posted to its Web site today, Orlando, Fla.-based hospitality firm Earl Enterprises said a data breach involving malware installed on its point-of-sale systems allowed cyber thieves to steal card details from customers between May 23, 2018 and March 18, 2019. According to an analysis of that page, it appears the...
phishing attacks
Every day, hackers send out over 3.5 billion fake emails worldwide, targeting companies with spear-phishing and spoofing cyberattacks. Most companies remain vulnerable to these phishing attacks simply because they’re not implementing industry-standard authentication protocols. The vast majority of these suspicious emails were found to have come from U.S.-based sources. Spear-phishing, as distinguished from regular phishing scams,...
phishing scams
Scammers are abusing the Google Calendar feature, using sophisticated phishing scams to steal data of 1.5 billion users of Google Calendar, including Gmail users. It was observed recently that there were multiple cases of sophisticated phishing scams targeting consumers through unsolicited Google Calendar notifications with the purpose of tricking users into sharing their personal...
Rowhammer attack
International academic researchers discovered a new variant of the Rowhammer attack, which they named RAMBleed, that can be performed even if a system is patched against Rowhammer. What is unusual about RAMBleed is that it targets devices to steal information, contrary to other Rowhammer attacks that alter existing data or elevate an attacker’s privileges. As many...
anti malware
Summary: A security vulnerability was discovered in Microsoft’s Remote Desktop Protocol (RDP) that allows for the possibility of remote code execution via BlueKeep. The NSA urges users to update their systems to prevent a re-run of attacks like the 2017 ransomware outbreaks. Analysis: A wormable remote code execution vulnerability first found in the wild on May 14, 2019 with CVE-2019-0708,...
hacking group | Malware check | Malware trojan
After the group had been silent for almost two years, cybersecurity researchers ran a malware check and found that the FIN8 hacking group has returned, devising a new method of hacking the hotel-entertainment industry using an updated version of a malware trojan known as the ShellTea/PunchBuggy backdoor. This attack was thought to be the first attack delivered by the FIN8 group...
phishing sites
Summary: The HTTPS green padlock symbol may no longer indicate a secure connection. Analysis: There has been a steady increase in threat actors’ use of SSL certificates to add an air of legitimacy to malicious websites. Since 2017 almost a third of phishing sites had SSL certificates, meaning their URLs began with HTTPS:// and (most) browsers displayed...
phishing scams
A new phishing campaign is in circulation that requires users to log in to a fraudulent OneDrive site in order to unveil an encrypted message. Analysis: • Suspected phishing emails carry a subject similar to ‘Encrypted Message Received’ and include a link stating ‘View Encrypted Email’. • The message link will divert the user to a fake...
anti trojan solution | Triada Android Trojan
Summary: The Triada Trojan has been found in the firmware of various low-cost Android devices, which could be used to steal sensitive data and run cyber espionage modules. Analysis: First seen in March 2016 and labelled the most advanced mobile Trojan of that time, it was specifically engineered as an Android banking trojan. Android system images were...