Blog

Phishing Scheme

Phishing Scheme Uses Legit Signup Forms to Steal Payment Card Data

Baiting Scheme Legitimately looking organization newsletter subscription forms to scam unwary victims from making payment transactions leading to hackers’ personal bank account. Phishing Technique Drawn companies such as Audi, Austrian Airlines, and S-Bahn Berlin to Russian users. Here’s how it is pulled off: Email catch line saying “Money for you” either written in English or German...
Continue Reading
Malware

US Web Servers Hosted 10 Malware Families

The infamous Necurs Known for being the multipurpose Necurs botnet wearing different kind of role as its façade was initially introduced as infector and rootkit 7 years ago, and now well known for having partnered with top cybercrime rings and made its name as the top spamming and infection forces in the malware scene. Scaling from...
Continue Reading
ASUS laptops

ShadowHammer: Malicious updates for ASUS laptops

How secure are we? There’s no such thing as foolproof system at least now a days when all threat actors are looking for means on how to manhandle security loopholes. Gone are the days when secure haven as what we think it is–say our manufactures OEM are no longer excused to all sorts of attack. In...
Continue Reading
anti virus malware protection

Xiaomi Brand Phones: A Slip Up of Anti-Virus App Could Turn Against You as a Malware

Mobile phones in today’s generation are still selling like pancakes despite the stiff competition between different mobile phone manufacturers. Needless to say, mobile phones are still part of our daily lives which serves as a multi-functional tool from communication up to almost anything thanks to the applications made for mobile devices. It is well-known that Android...
Continue Reading
Data breaches

Data breaches more common than rain in the UK

The UK has something of a reputation for its wet climate, and its citizens for constantly talking about the weather. So, it might come as a surprise to find that in the UK the chance of encountering a data breach is higher than that of experiencing a rainy day. A survey by technology services company shows...
Continue Reading
Android malware

New Android Malware Gustuff Targeting 100+ Banking, 32 Cryptocurrency and Messengers apps such as WhatsApp

A newly found type of Android malware has stolen cryptocurrency and banking data from in excess of 125 different applications. The “Gustuff” Trojan virus is said to pick up its popularity in the cybercriminal underworld given that it’s custom-made explicitly to take banking and crypto assets. Gustuff is accepted to be about a year old but...
Continue Reading
hacking

Asus was warned of hacking risks months ago, thanks to leaky passwords

A security researcher cautioned Asus two months back that workers were inappropriately distributing passwords in their GitHub stores that could be exploited to get to the organization’s corporate network. One password, found in an employee repo on the code sharing, enabled the researcher to get to an email account used by internal developers and engineers share...
Continue Reading
Magento PayPal integration

Hackers abuse Magento PayPal integration to test validity of stolen credit cards

Hacker groups and online fraudsters are mishandling a component of Magento online shops to test the validity of stolen debit and credit card numbers. The transactions are executed against Magento stores that support the PayPal Payflow Pro integration. The PayPal Payflow Pro integration is a payment option available on Magento shops that enables an online store...
Continue Reading
PDF attacks

Malicious PDFs | Revealing the Techniques Behind the Attacks

Email users are mindful on how attackers used phishing and spear-phishing campaigns and how this medium is being the source of these attacks as with most email attachments or links, PDF files have gotten a lot of attention from threat actors.   Code Execution   Our familiarity with the possibility of malicious Office attachments that run...
Continue Reading
Android apps

Preinstalled Android apps are harvesting and sharing your data

Our Mobile Application Monitoring team has been wary of the trend that mobile appstores including iTunes and Google Playstore has been getting malicious apps in their store. Now the deception of mobile apps continue, up to the point that it has reached the stage where it has been pre-installed by your Mobile Phone vendor. Classy move...
Continue Reading
Social Media

Era of Fake News Round 2: The Era where Information is being weaponized

“Weaponization” of Social Media How are we able to confidently say that the Social media is weaponized? From stalking, petty crimes, going up to wars and even elections. Social Media alone is a giant tactical weapon of the new cyber tacticians that seek out advantage from the digital information era. According to New York Times article...
Continue Reading
Ransomware

Ransomware Strikes(Again): Lockergoga Series

Risks when an operation gets disrupted How much does it affect a business no matter what size whenever its operations get disrupted? Huge sums of money, time, effort, and most of all the data that are involved in the operations of the business.  Consumer confidence? A plunge in the stakeholders confidence? How dangerous? Ransomware in general...
Continue Reading
Facebook in plain text format

Facebook in plain text format: An internal Mistake, View able within the Organization are hundreds of Millions of Passwords

Another one? It is as if the Cambridge Analytica, and the previous Facebook bug or vulnerability was not enough of a problem for the Social Media giant. Facebook now faces another controversy where it had exposed its latest security breach. What was the security breach? Who were affected? The security breach where the platform accidentally stored...
Continue Reading
dark web sales

Hack-A-Ton Leak-a-Ton Final Round? The fourth round of dark web sales

The latest round of leaked data sold by a famous dark web netizen was noticed by The Hacker News, who already made three separate releases in different time intervals of leaked data for sale in a Darkweb Marketplace. The discovery? While the darkweb monitoring mode is consistent, with the large hidden services and contents lurking in...
Continue Reading
WordPress Vulnerability

Hackers Take Advantage of WordPress Vulnerability: Hacks Sites Remotely Unauthenticated, Undiscussed Effects of the Cause

What is the issue? Unauthenticated RCE Vulnerability Remote code execution to access one’s device through a vulnerability is not a new thing, however still one of the ways for hackers to take advantage and make use of another site’s resources to execute malicious actions nonetheless. Without authentication a hacker can take control of a wordpress site...
Continue Reading
Iranian Hackers Stormed Citrix

Iranian Hackers Stormed Citrix, Got Away with Terabytes of Data, Including Internal Secrets

Citrix has now disclosed a massive data leak by informing their customers that hackers intruded their network and stole their corporate secrets.   Affected Customers Citrix services the following businesses but not limited to: US Military Various US Government Agencies Whitehouse FBI With the above government entities itself, this data leak proves to be critical. A...
Continue Reading
Hackers Breached Australian Defense Contractor

Hackers Breached Australian Defense Contractor

One of Australia’s major defense service providers and shipbuilders – Austal was hit by an information rupture on November 1st, 2018. The malicious cyber criminals figured out how to take the ultra-touchy information of a couple of the company’s staff. In any case, the firm cases that there is no proof of burglary of national security...
Continue Reading
Office 365 phishing scam

Office 365 Phishing Strategy Tricks Users With Live Chat Support

Phishing attacks have now progressed toward becoming something of a day by day event for some. However, the motivation behind why these noxious attacks stay abundant lies in their resourcefulness. In time, we know about a clever phishing method that includes technical support as well. We are talking about an Office 365 phishing campaign that scams...
Continue Reading
Gate.io Bitcoin Transactions Breached by Hacking StatCounter

Gate.io Bitcoin Transactions Breached by Hacking StatCounter

Malicious Hackers have broken StatCounter, one of the web’s biggest web investigation stages, and have embedded pernicious code inside the organization’s principle website following content. As per Matthieu Faou, the ESET malware specialist who found the hack, this pernicious code seizes any Bitcoin exchanges made through the web interface of the Gate.io digital currency trade. “We...
Continue Reading
phishing Attacks

Phisher Announces More Attacks Against Hedge Funds and Financial Firms

Another phishing campaign called ” Beyond the Grave” targeted international hedge funds on January 9th, 2019. In an announcement presented on Bleeping Computer, the attackers have expressed that they will keep on targeting banking and financial institutions in the future. A part named Xander Bauer has made a post in the Bleeping Computer forums with a...
Continue Reading
1 2 3 15

Categories