Blog

phishing sites

FBI warns users to be wary of phishing sites abusing HTTPS

Summary HTTPS green padlock symbol may no longer indicate secured connection. Analysis There has been a steady increase in threat actors’ use of SSL certificates to add an air of legitimacy to malicious websites. Since 2017 almost a third of phishing sites had SSL certificates, meaning their URLs began with HTTPS:// and (most) browsers displayed the...
Continue Reading
phishing scams

Phishing Scam Asks You to Login to Read Encrypted Message

New phishing campaign is in circulation requiring users to login to a fraudulent OneDrive site in order to unveil an encrypted message. Analysis • A believed to be phishing emails with subject similar to ‘Encrypted Message Received’ and includes a link stating ‘View Encrypted Email’. • Message link will divert the user to a fake OneDrive...
Continue Reading
anti trojan solution | Triada Android Trojan

Google Confirms Android Smartphone Security Backdoor

Summary Triada Trojan has been found in the firmware of various low-cost Android devices, which could be used to steal sensitive data and run cyber espionage modules. Analysis : First seen in March 2016 and labelled as the most advance mobile Trojan during that time specifically engineered as Android banking trojan. Android system images were infected...
Continue Reading
site take down

Cyberattack hits Radiohead’s unreleased music track

A cyberattacker hacked The English rock band Radiohead stealing private minidisk archive from the band’s third album and subsequent major worldwide hit ‘OK Computer’and threatened to leak them in an extortion scheme if they will not pay the ransom costing $150,000. Jonny Greenwood, Radiohead guitarist and keyboardist of the band, said that a hacker last week...
Continue Reading
Hackers Can Utilize Hardware Vulnerability of Chips to Perform Remote Attacks

Hackers Can Utilize Hardware Vulnerability of Chips to Perform Remote Attacks

Qualcomm chipsets are generally the processor of choice for many smartphone users, owing to the firm’s powerful graphics hardware and developer-friendly nature. It’s not immune to security flaws though, and its latest vulnerability is a big one.   Security researchers discovered the flaw last year, allowing cyber-criminals to gain private data and security keys in a...
Continue Reading
Cyber Security

Chinese Hacking Group Gaining Ground in the Philippines and US

An advanced persistent threat group linked to the Chinese government accused of conducting a widespread cyber espionage campaign against IT service providers has gone quiet since two of its members were indicted by the Department of Justice last year, according to a Department of Homeland Security official, but it remains an active threat to American businesses,...
Continue Reading
malware

Malware Turns Android Mobile Devices into Tunnel Proxies

Another Android malware named TimpDoor has been found by security specialists. The malware is being circulated as a major aspect of a phishing effort and is being sent to exploited people’s SMS messages.   The hackers behind the battle trap exploited people into downloading and introducing a phony voice-message application that contains TimpDoor.   Once the...
Continue Reading

Malicious Mobile App Stealing Users’ Money

A malicious mobile app impersonating a call recording functionality in the Google Play Store managed to take away thousands of euros from a couple of bank customers in Europe. The malicious malware-laced app was planted in a QRecorder app, being advertised as an automatic call and voice recording tool.   At the time of the analysis,...
Continue Reading
identity-theft prevention

Major US Server Techs Allegedly Embedded With Chinese Spy Chips

Tech Companies have ardently denied Bloomberg’s declaration that China’s Super Micro gave them hardware loaded with spy chips, but that isn’t stopping all sorts of accusations from pouring in.   Bloomberg claims has obtained documents from security researcher Yossi Appleboum that reportedly show evidence of an unnamed major US telecom finding “modified hardware” from Super Micro...
Continue Reading
Domain Factory hacker

GoDaddy’s Domain Factory Endures Data Breach

One of the largest hosting companies in Germany, DomainFactory, has been penetrated by hackers. The hosting company, which is owned by GoDaddy since 2016, reported that the data breach happened around late April 2019, but the company found out about the incident just last week, May 23rd, after the alleged Hacker began sharing bits of the...
Continue Reading
UC Browser Apps

Unpatched Flaw in UC Browser Apps Could Let Hackers Launch Phishing Attacks

Threat summary This affect latest UC Browser version 12.11.2.1184 and UC Browser Mini version 12.10.1.1192. The vulnerability resides in the way User Interface on both browsers handles a special built-in feature that was otherwise designed to improve users Google search experience.The vulnerability, which has no CVE identifier as its discovered so recently, Browser could allow an...
Continue Reading
Mobile Apps

Your Mobile Apps Are Secretly Sharing Your Data on Social Media

It’s not just dating and health apps that might be violating your privacy when they send data to Facebook.   A Privacy International study has determined that “at least” 20 out of 34 popular Mobile Android apps are transmitting sensitive information to Facebook without asking permission, including Kayak, MyFitnessPal, Skyscanner and TripAdvisor.   This typically includes...
Continue Reading
Huawei devices

Google and Huawei: Temporary License Granted

The US Government’s fraud management efforts appear to have made the world go hysterical as it had ordered Alphabet’s Google to revoke the license of Android and Google proprietary apps from Huawei. In a sudden turn of events the Department of Commerce has given Huawei a temporary general license to maintain its current products.The general license...
Continue Reading
Cipher Stunting

Billions of Malicious Bot Attacks Take to Cipher-Stunting to Hide

Threat Summary There has never come a time when TLS signature become focal point of target by malicous actors. Since cipher stunting is fairly new in the threat landscape, and now prevailing as a new vector to be exploited. This approach is found to be the latest evasive technique and more predominately used that reached up...
Continue Reading
best virus malware protection

This password-stealing malware just evolved a new tactic to remain hidden

Malware Summary Qakbot or Qbot also known as bank malware has been in the threat landscape since 2008 similar to Rubber Ducky, Mimikatz, and is considered one of the most effective malware families of the past decade, in part because its source code is available to cybercriminals, so it can be easily modified and extended. Primarily...
Continue Reading
WI-FI Security

Discovering WI-FI Security

Wireless Fidelity We are all connected with it and used it in on daily basis  using computers, smart phones, iPads, game consoles, even our home appliances and other devices to communicate over high-frequency radio signal or wireless signal, however we have less information on how it originally go about, how secure it is and who revolutionized...
Continue Reading
Radio Hacking

Short Wave Radio Hacking is a Serious Threat

A couple from Texas were given the shock of their life this week when they say they heard a man’s voice coming from their baby monitor and threatening to kidnap their four-month-old son.   Nathan and Ellen Rigney were sleeping just before midnight on Monday when they heard a beeping sound coming from their Nest-brand baby...
Continue Reading
MageCart skimmer script

MageCart Scripts Hosted on GitHub Used to Skim E-Commerce Websites

Security experts discovered the Magecart skimmer scripts used to compromise a few hundred e-commerce websites worldwide hosted on GitHub.   Security firms have monitored the activities of a dozen Magecart groups at least since 2015. The gangs use to implant skimming script into compromised online stores in order to steal payment card data on, but they...
Continue Reading
Sony smart TVs

Sony SMART TVs Expose WiFi Passwords

Security vulnerabilities in Android-based Sony smart TVs allow attackers to access WiFi Passwords and the images stored on the devices.   The vulnerability resides in the Photo Sharing Plus which allows users to upload photos to Sony Smart TV through a smartphone. It affects not only the TV’s used at the home but also the smart...
Continue Reading
Ransomware

US Airport Systems Held Hostage By Ransomware

Hopkins International Airport is battling a ransomware attack that knocked out some displays and disabled email, according to multiple reports from Cleveland, Ohio. Hopkins International Airport is the largest and busiest airport in Ohio, and the 43rd busiest airport in the United States by passenger numbers, according to Wikipedia.   The City of Cleveland and Hopkins...
Continue Reading
1 2 3 17