Blog

wordpress plugin vulnerability phishing redirect malware

WordPress Plugins Utilized For Use in Malicious Campaign

With each passing day, cases of WordPress infections that redirect visitors to suspicious pages are becoming more common. Recently, a vulnerability was discovered in tagDiv Themes and Ultimate Member Plugins. In this WordPress redirect hack, visitors to your website are redirected to phishing or malicious pages. In this hack, users, when redirected, are taken to irritating...
sqlite magellan vulnerability bug hacking

Unpatched SQLite Database Exposed Data To Hackers

Cybersecurity researchers have found a basic weak point in the widely used SQLite database software that exposed billions of deployments to cyber criminals. Named ‘Magellan’ by security researchers, the newly found SQLite flaw could enable remote attackers to execute arbitrary or malicious code on affected devices, leak program memory or crash applications. SQLite is a...
zerofont phishing technique office365

ZeroFont Phishing Technique – Simple Yet Effective

Cyber criminals are at it again. And this time, they are after familiar territory – using ZeroFont on Microsoft Office 365. Ever since the developments in security for messaging systems, security experts have already given us due notice regarding the possible threats of bogus or fraudulent emails. This will be an ever-growing hazard since in this...
data breach compromised data auto industry

Auto Industry Takes Huge Blow from Hackers

Cyber attacks are getting more and more frequent nowadays, from government institutions to hospitals, banks and other financial institutions. There’s almost no rest for cyber criminals, hackers and the amount of illegal activities they couldn’t accomplish. And their newest victim – the auto industry. Car manufacturers or all manufacturers in general – normally go to great...
nsa hacking tools chinese spies malware ransomware

How Chinese Spies Got the N.S.A.’s Hacking Tools, and Used Them for Attacks

Cyberwarfare: Cyber espionage is the name of the game as the art of warfare has shifted from physical to cyberspace; we once saw this only in the movies, and it is now a reality as state-sponsored hackers find their way into cyberspace for supremacy, and once again mysterious hackers repurposed and recycled sophisticated cyber tools from...
sim swap attack smshing cryptocurrency

USD$2.5M Worth of Stolen CryptoCurrency From The Latest SIM Swap Attacks

A man aged 20 from Dublin was arrested and brought before the High Court on Thursday on foot of an extradition warrant. During a brief appearance, he indicated he understood the charges. He was remanded in custody until May 22. The US Attorney General for the Eastern State of Michigan said that their investigation had the...
data breach hacking fraud prevention

Human Resources Company Suffers Data Breach

One seriously threatening part about data breaches and getting hacked is the period from when the breach was done, and the actual time it takes for the end user or the company to find out that they’ve been attacked. You begin to think that from that certain phase, those cyber criminals may have already acquired all...
remote administration tool rat phishing campaign malware

Phishing Campaign Delivers Multi-Feature, Open-Source Babylon RAT

Remote Administration Tool (RAT) Summary: Babylon RAT, delivered pervasively through a phishing campaign, is an open-source platform that allows for various breaches. The encrypted traffic and the ability to create SOCKS proxies can help negate network security measures. The client builder allows for anti-virus bypassing, which helps the binary get to the endpoint safely. The...
atlassian server hacked inject trojans injection hacker malware

Critical Atlassian Server Flaw Used by Hackers to Inject Trojans

A group of attackers is actively exploiting a critical vulnerability in Atlassian’s Confluence collaboration software to inject trojans and infect servers with the GandCrab ransomware. Confluence is a Java-based web application that provides a shared wiki-type workspace for enterprise employees and is used by tens of thousands of companies worldwide. The vulnerability, tracked as CVE-2019-3396,...
attack on banks smshing malware simjacking injection

Attack on Banks: Tactics and Techniques Used to Target Financial Organization

It has been said before that financial institutions are losing an astounding amount yearly from cyberattacks. Cybercriminals no longer concentrate on monetizing attacks on banks and financial institutions; instead they have shifted attention to employees of large business organizations. Workers occupying positions under financial departments, accountants and bank are realized that they can steal money not...
EternalBlue MimiKatz Cryptobot malware

EternalBlue and MimiKatz Used to Create Cryptobot Malware

We detected a cryptobot malware that uses multiple propagation and infection methods to drop a Monero cryptocurrency miner onto as many systems and servers as possible. Initially observed in China in early 2019, the methods it previously used to infect networks involved accessing weak passwords and using pass-the-hash technique, Windows admin tools, and brute force attacks...
chinese hacking group hack malware

Major Health Insurance Hack of 2015 Orchestrated By Chinese Hacking Group

The US Justice Department charged a Chinese hacking group with carrying out one of the largest criminal hacks in United States health care history that resulted in 79 million people having their personal information stolen. In the four-count indictment cited by the Justice Department, officials allege Wang Fujie, 32, and another man referred to only as...
tivit databreach phishingattacks

InfoTech Firm In Brazil Suffers Data Breach via Phishing Assault

Just last month, various databases and cloud storage servers belonging to Tivit, a Brazilian-based IT solutions and network storage provider, were hacked/compromised by unnamed assailants. In a series of leaks across Twitter over a 5-day time period, between December 7th-12th 2018, the login user names and credentials to more than a dozen Tivit cloud...
electricfish trojan malware

North Korean Hackers Using ELECTRICFISH Tunnels to Exfiltrate Data

Executive Summary: Two days ago (9th May), a joint effort between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) published a Malware Analysis Report (MAR) about a Trojan malware variant known as ELECTRICFISH. A North Korea-based malicious actor known as HIDDEN COBRA is known to have utilized this malware. The targets of...
fast phishing attacks

Fast and Furious Phishing Attacks – The Race against Time Matters

Phishing threat timeline: It will only take a fraction of a second to complete the entire phishing phase, from the time the first victim opens and clicks on a malicious email, attachment or URL – then reaction time shutting down phishing website or tracing email reference to moving on after a few hours as if nothing critical...
satan malware ransomware attack

Satan Malware Attacking The Finance Sector with Ransomware

Cyber security specialists spotted two Satan Malware variants targeting organizations in the financial sector with Monero miners and ransomware. The main variant of the malware, which security researchers saw toward the beginning of November, targets Linux and Windows systems and spreads by exploiting various application vulnerabilities. After establishing a dependable...
gps tracker compromised data

Popular But Flawed GPS Tracker Leaks User Locations Real-Time

Chinese-made GPS trackers that have no internet connectivity but use a SIM card to connect to a cell network are bought in bulk, rebranded, and resold by a number of companies worldwide. UK cyber-security experts are calling for an immediate recall of a GPS tracker used as a panic alarm for elderly patients, monitoring children,...
tflower ransomware hacking malware

The TFlower Ransomware – A New Threat to Corporate Networks

Since 2017, ransomware incidents have become increasingly rampant and progressive. TFlower Ransomware concentrates its assaults against company networks, infiltrating the very core of everyday business operations. There was a slight decline in the number of attacks from last year, but come 2019, this business-targeting malware has accelerated its assault in a manner...
save the children fraud prevention malware phishing identity theft cyber criminal attacked charity

Shameful Cyber Criminals Attacked Kids’ Charity

Scammers and cyber criminals attacked a kids’ charity, tricking Save the Children Federation, a well-known U.S. charity, into sending them approximately one million dollars. The attacker managed to access an employee’s email account and from there sent fake invoices and other documents designed to trick the organization into sending the money. Whatever online website scanners or malware...
uc browser ucweb phishing phishingattacks

UC Browser Vulnerability Could Expose More Than 600M Users to Phishing Attacks

An address bar vulnerability in the latest versions of UC Browser and UC Browser Mini exposes millions of users to phishing attacks. The vulnerability, discovered by a cyber-security researcher, allows an attacker to pose his phishing domain as the targeted site. According to the researcher, the UC Browser phishing vulnerability exists only with...