Blog

The US Government Sheds Light on ElectricFish – Malware Linked to NoKor Hidden Cobra

A warning released by the U.S. Computer Emergency Readiness Team on Thursday does not indicate whether any organizations have sustained an attack from Hidden Cobra, also known as the Lazarus Group, using the ElectricFish malware. Because investigators were able to reverse-engineer some of the code, however, there’s a possibility it is operating in the wild and...

Security researchers discover Linux version of Winnti malware

Winnti malware summary: a Linux version of Winnti has been discovered in the wild during the investigation of a recent cyber attack against a pharmaceutical giant. The Windows predecessor of Winnti has been used by Chinese cybercriminals for the past decade to launch attacks on systems worldwide. Security experts believe that several Advanced Persistent Threat (APT) groups operate under...

US Anti-Virus companies breached – hackers claim glory and bounty

Security researchers say a “high-profile Russian- and English-speaking hacking collective” managed to infiltrate three of the top antivirus firms in the US and steal “sensitive source code” related to the development of AV software and tools. The group is trying to sell the data for $300,000. The good news for consumers is that this breach had...

Phishing attacks mostly impersonate Microsoft, Netflix & PayPal accounts

Phishing summary: phishing attacks have never been so innovative when it comes to deception. The latest report finds that big consumer software companies like Microsoft, Netflix, and PayPal were the brands most often impersonated by malicious actors in phishing attacks. Attackers have exploited the immense popularity of Microsoft Office 365 accounts to send phishing emails to users. The...

Play Store apps laced with malware are recording your keystrokes

Cyber-security researchers have just discovered hundreds of malicious Google Play apps infected with Windows executable files. These infected apps specifically include teaching and tutorial apps – Learn to Draw Clothing (teaching people how to draw clothing designs), Gymnastics Training (a tutorial on gymnastics moves), and Modification Trail (an app showing ideas for trail bike modification). Surprisingly, these...

New Malware variant targeting routers and IoT Devices using 13 different exploits

Cyber-security researchers have just disclosed the discovery of a new Mirai malware variant that carries a set of 13 exploits, enabling it to successfully attack more routers and other devices. While these exploits were individually used in Mirai malware campaigns before, having them all bundled in one version is a...

Office 365 Phishing Technique – A Legacy Threat

Cyber criminals are at it again, and this time they are after familiar territory – Microsoft Office 365. Ever since messaging systems gained security protections, security experts have warned of the threat posed by bogus or fraudulent emails. This will be an ever-growing hazard since in this digital age, almost...

Tech firm is tracking its users incognito

Just when you thought you had disabled location tracking by turning off your location settings and history, you were wrong. According to a report by security researchers last Monday, even if you have already disabled your Location History, Google can still track you – every single time. Google said that...

First American Financial suffers data leak

First American Financial Corporation left as many as 885 million real estate documents dating as far back as 2003 exposed in a recent data leak. The company, one of the largest real estate title insurance firms in the US, has already fixed the vulnerability as of Friday afternoon after the security researcher notified it of the...

CryptoBot derived from famous malwares attacking asian countries

We detected a cryptobot malware that uses multiple propagation and infection methods to drop a Monero cryptocurrency miner onto as many systems and servers as possible. Initially observed in China in early 2019, it previously infected networks by exploiting weak passwords and using the pass-the-hash technique, Windows admin tools, and brute force attacks...

MongoDB database for special patients hit with ransomware

A software provider for assisted living communities has experienced a ransomware attack that has affected more than 60 facilities that use its software, which is backed by a MongoDB database. Tenx Systems, doing business as ResiDex Software, said the attack occurred on April 9, 2019 and affected its MongoDB server infrastructure. Rapid action was taken to move the servers to...

Criminals allow self-cannibalization using advanced Phishing Kits

Scammers nowadays still use old methods to conduct phishing scams against their victims. What is threatening is that hackers have come up with a fresh distribution method for internet phishing in which they cannibalize an already compromised web server using phishing kits designed to mirror legitimate websites, such as those maintained by Microsoft, Apple...

Fake VPN Software Pushing Trojan Installation via Adware

A fake VPN going by the name of Pirate Chick VPN has been installing malicious payloads, including the AZORult password-stealing Trojan. On the surface, Pirate Chick VPN looks like any other legitimate VPN service, with a professional website and privacy policy available to read. There is even a free three-month trial available. However, its purpose has...

Crypto-stealing malware Vidar spreads via cloned cryptocurrency trading website

Malware researcher and Twitter user Fumik0_ has discovered a new website that is spreading crypto malware. This fake cryptocurrency trading website masquerades as a legitimate service while delivering the crypto-stealing trojan known as Vidar. The trojan is distributed through a site that impersonates the CryptoHopper trading platform, which allows users to build models...

Phishing Email Scam asks you to login to read encrypted message

Summary: a new phishing campaign is in circulation requiring users to log in to a fraudulent OneDrive site in order to unveil an encrypted message. Analysis: the suspected phishing emails carry a subject similar to ‘Encrypted Message Received’ and include a link stating ‘View Encrypted Email’. The link diverts the user to a fake OneDrive for...

New Malicious Script poses threat to WordPress and Joomla-based websites

Cyber-security researchers are warning owners of Joomla and WordPress websites about a malicious redirect script that pushes visitors to malicious websites and exposes them to various malware. A renowned cyber-security researcher published a report outlining a rogue hypertext access (.htaccess) injector found on a client website. He reported that the impacted site was directing website...

Iranian Malware BlackRouter – evolved as a Ransomware

BlackRouter, a ransomware recognized in 2018, is currently being promoted as a RaaS (ransomware-as-a-service) by its maker. The individual behind BlackRouter, known as “MOH3NE2”, is believed to be of Iranian origin. The ransomware was identified by cybersecurity researcher Petrovic and was found to have enhanced features, such as a clock and an alternate GUI, over the...

Google Android confirms smartphone security backdoor

Summary: the Triada Trojan has been found in the firmware of various low-cost Android devices, where it could be used to steal sensitive data and run cyber espionage modules. Analysis: first seen in March 2016 and labelled the most advanced mobile Trojan of its time, it was specifically engineered as an Android banking trojan. Android system images were infected...

HiddenWasp malware seizes control of Linux systems

Summary: newly found malware dubbed HiddenWasp is believed to target the Linux ecosystem; its developers deployed it to remotely control infected Linux systems. The malware is also built from key parts of code used in Mirai and the Azazel rootkit. Surprisingly, HiddenWasp has a zero-detection rate across all anti-malware programs under Linux. Analysis: this malware's main goal is to take control of compromised Linux...

Gatekeeper bug in MacOS Mojave allows malware to execute

Summary: a researcher recently uncovered a bug in the macOS security feature Gatekeeper that allows malicious code execution on systems running the most recent Mojave release (10.14.0). Included in macOS since 2012, Gatekeeper attempts to prevent malware from running on a Mac by enforcing code signing and verifying downloaded applications before execution. Analysis: the flaw...