Blog

phishing attacks

Hackers sending over 3 billion fake emails daily to conduct phishing attacks

Every day, hackers send out over 3.5 billion fake emails worldwide targeting companies to spear-phishing and spoofing cyberattacks. Most companies remain vulnerable to these phishing attacks simply because they’re not implementing industry-standard authentication protocols. Vast majority of these suspicious emails were found out to came from U.S.-based sources. Spear-phishing, as distinguished from regular phishing scams, is...
Continue Reading
Rowhammer attack

New variant of Rowhammer attack risking danger for possible data leak

International academic researchers discovered a new variant of the Rowhammer attack,which they named asRAMBleed,that can be performed even if a system is patched against Rowhammer. The unfamiliar attack of this RAMBleed is that it targets devices to steal information, contrary to other Rowhammer attacks that alter existing data or elevate an attacker’s privileges. As many malicious...
Continue Reading
anti malware

Even the NSA is urging Windows users to patch BlueKeep

Summary Security vulnerability that was discovered in Microsoft’s Remote Desktop Protocol (RDP), that allow for the possibility of remote code execution via BlueKeep. NSA urges to update their system to prevent a re-run of attacks coincide 2017 ransomware outbreaks. Analysis A wormableremote code execution vulnerability first found in the wild on May 14,2019 with CVE-2019-0708, however...
Continue Reading
hacking group | Malware check | Malware trojan

FIN8 Hacking Group backs to business with updated ShellTea backdoor

After being silent for almost two years, cybersecurity researchers made malware check and found out that FIN8 Hacking Group has returned, devising a new method of hacking the hotel-entertainment industry using an updated version of a malware trojan known as ShellTea/PunchBuggy Backdoor.This attack was thought to be the first attack delivered by the FIN8 group in...
Continue Reading
phishing sites

FBI warns users to be wary of phishing sites abusing HTTPS

Summary HTTPS green padlock symbol may no longer indicate secured connection. Analysis There has been a steady increase in threat actors’ use of SSL certificates to add an air of legitimacy to malicious websites. Since 2017 almost a third of phishing sites had SSL certificates, meaning their URLs began with HTTPS:// and (most) browsers displayed the...
Continue Reading
phishing scams

Phishing Scam Asks You to Login to Read Encrypted Message

New phishing campaign is in circulation requiring users to login to a fraudulent OneDrive site in order to unveil an encrypted message. Analysis • A believed to be phishing emails with subject similar to ‘Encrypted Message Received’ and includes a link stating ‘View Encrypted Email’. • Message link will divert the user to a fake OneDrive...
Continue Reading
anti trojan solution | Triada Android Trojan

Google Confirms Android Smartphone Security Backdoor

Summary Triada Trojan has been found in the firmware of various low-cost Android devices, which could be used to steal sensitive data and run cyber espionage modules. Analysis : First seen in March 2016 and labelled as the most advance mobile Trojan during that time specifically engineered as Android banking trojan. Android system images were infected...
Continue Reading
site take down

Cyberattack hits Radiohead’s unreleased music track

A cyberattacker hacked The English rock band Radiohead stealing private minidisk archive from the band’s third album and subsequent major worldwide hit ‘OK Computer’and threatened to leak them in an extortion scheme if they will not pay the ransom costing $150,000. Jonny Greenwood, Radiohead guitarist and keyboardist of the band, said that a hacker last week...
Continue Reading
Hackers Can Utilize Hardware Vulnerability of Chips to Perform Remote Attacks

Hackers Can Utilize Hardware Vulnerability of Chips to Perform Remote Attacks

Qualcomm chipsets are generally the processor of choice for many smartphone users, owing to the firm’s powerful graphics hardware and developer-friendly nature. It’s not immune to security flaws though, and its latest vulnerability is a big one.   Security researchers discovered the flaw last year, allowing cyber-criminals to gain private data and security keys in a...
Continue Reading
Cyber Security

Chinese Hacking Group Gaining Ground in the Philippines and US

An advanced persistent threat group linked to the Chinese government accused of conducting a widespread cyber espionage campaign against IT service providers has gone quiet since two of its members were indicted by the Department of Justice last year, according to a Department of Homeland Security official, but it remains an active threat to American businesses,...
Continue Reading
malware

Malware Turns Android Mobile Devices into Tunnel Proxies

Another Android malware named TimpDoor has been found by security specialists. The malware is being circulated as a major aspect of a phishing effort and is being sent to exploited people’s SMS messages.   The hackers behind the battle trap exploited people into downloading and introducing a phony voice-message application that contains TimpDoor.   Once the...
Continue Reading

Malicious Mobile App Stealing Users’ Money

A malicious mobile app impersonating a call recording functionality in the Google Play Store managed to take away thousands of euros from a couple of bank customers in Europe. The malicious malware-laced app was planted in a QRecorder app, being advertised as an automatic call and voice recording tool.   At the time of the analysis,...
Continue Reading
identity-theft prevention

Major US Server Techs Allegedly Embedded With Chinese Spy Chips

Tech Companies have ardently denied Bloomberg’s declaration that China’s Super Micro gave them hardware loaded with spy chips, but that isn’t stopping all sorts of accusations from pouring in.   Bloomberg claims has obtained documents from security researcher Yossi Appleboum that reportedly show evidence of an unnamed major US telecom finding “modified hardware” from Super Micro...
Continue Reading
Domain Factory hacker

GoDaddy’s Domain Factory Endures Data Breach

One of the largest hosting companies in Germany, DomainFactory, has been penetrated by hackers. The hosting company, which is owned by GoDaddy since 2016, reported that the data breach happened around late April 2019, but the company found out about the incident just last week, May 23rd, after the alleged Hacker began sharing bits of the...
Continue Reading
UC Browser Apps

Unpatched Flaw in UC Browser Apps Could Let Hackers Launch Phishing Attacks

Threat summary This affect latest UC Browser version 12.11.2.1184 and UC Browser Mini version 12.10.1.1192. The vulnerability resides in the way User Interface on both browsers handles a special built-in feature that was otherwise designed to improve users Google search experience.The vulnerability, which has no CVE identifier as its discovered so recently, Browser could allow an...
Continue Reading
Mobile Apps

Your Mobile Apps Are Secretly Sharing Your Data on Social Media

It’s not just dating and health apps that might be violating your privacy when they send data to Facebook.   A Privacy International study has determined that “at least” 20 out of 34 popular Mobile Android apps are transmitting sensitive information to Facebook without asking permission, including Kayak, MyFitnessPal, Skyscanner and TripAdvisor.   This typically includes...
Continue Reading
Huawei devices

Google and Huawei: Temporary License Granted

The US Government’s fraud management efforts appear to have made the world go hysterical as it had ordered Alphabet’s Google to revoke the license of Android and Google proprietary apps from Huawei. In a sudden turn of events the Department of Commerce has given Huawei a temporary general license to maintain its current products.The general license...
Continue Reading
Cipher Stunting

Billions of Malicious Bot Attacks Take to Cipher-Stunting to Hide

Threat Summary There has never come a time when TLS signature become focal point of target by malicous actors. Since cipher stunting is fairly new in the threat landscape, and now prevailing as a new vector to be exploited. This approach is found to be the latest evasive technique and more predominately used that reached up...
Continue Reading
best virus malware protection

This password-stealing malware just evolved a new tactic to remain hidden

Malware Summary Qakbot or Qbot also known as bank malware has been in the threat landscape since 2008 similar to Rubber Ducky, Mimikatz, and is considered one of the most effective malware families of the past decade, in part because its source code is available to cybercriminals, so it can be easily modified and extended. Primarily...
Continue Reading
WI-FI Security

Discovering WI-FI Security

Wireless Fidelity We are all connected with it and used it in on daily basis  using computers, smart phones, iPads, game consoles, even our home appliances and other devices to communicate over high-frequency radio signal or wireless signal, however we have less information on how it originally go about, how secure it is and who revolutionized...
Continue Reading
1 2 3 4 18