Danabot Phishing Scam
Yet another sensational phishing operation has been identified, and it is targeting users with bogus bill statements from MYOB. MYOB (Mind Your Own Business) is a multinational corporation based in Australia. It provides tax, accounting and other similar business services software to small and medium businesses. So its primary concentration of targets is, of course, in...
Bank Fraud detection and prevention
A fraudulent app in the Google Play Store, posing as a phone call recording tool, managed to steal thousands of euros from a couple of bank customers in Europe. The malicious code was planted in a QRecorder app, which was advertised as an automatic call and voice recording tool. At the time of the analysis, it...
Hotel Guest Fined for Hacking Hotel Wifi
A security engineer from Chinese multinational company Tencent hacked into the WiFi system of a hotel in Singapore and received a fine for publicly disclosing administrator login passwords. Zheng Dutao participated in the capture-the-flag competition during the Hack In The Box security conference in Singapore at the end of August and decided to test the WiFi...
Netflix Users Warned Against Phishing Attacks
If you own a smart TV, or even just a computer, it’s likely you have a Netflix account. The streaming service is huge these days – even taking home awards for its owned content. So, it’s only natural cybercriminals are attempting to leverage the service’s popularity for their own gain. In fact, just discovered last...
Zoho Domain Taken Down By Mistake
The domain of India-based software provider Zoho, one of the largest tech companies in the world, was taken offline today for around two hours after the domain registrar overstepped its authority and took it down following a banal phishing complaint. The downtime resulted in nearly 30 million Zoho users being unable to access Zoho’s website,...
Fraudulent Retail Activity Spikes Ahead of the Holiday Season
A huge year-over-year increase in retail fraud is spelling bad news for shops and customers ahead of the Christmas season, according to a new study focused on cybercrime in the sector. Researchers from IntSights and Riskified teamed up to analyze threat data from more than 20 retailers from Q3 2017 to Q3 2018, and...
Hernia Institute in California Attacked by Gamma Ransomware – Patient Records Exposed
The information exposed by the attack includes the data of patients who were treated prior to 19th July, 2018. The compromised data includes patients’ full names, addresses, dates of birth, social security information, laboratory findings and clinical arrangements. California-based National Ambulatory Hernia Institute was hit by a ransomware attack that compromised a total of 15,974...
New Mac Malware Can Capture Invisible Data and More
Yet another Mac malware, named OSX.SearchAwesome, was just discovered active and thriving. The malware can perform various malicious activities, for example, intercepting encrypted web traffic to inject advertisements. The adware acts like a legitimate application and installs a digital certificate, which leverages the legitimate mitmproxy open-source program. This, in turn, can be used by attackers...
A newly discovered malware abuses two legitimate Windows files that manage digital certificates for the Windows OS. The Windows files, the command-line utilities wmic.exe and certutil.exe, are used by the malware to download its payload onto the victim's device. Used together, these legitimate files let the malware author download other files for malicious purposes as part of the malware's normal set of features. Before this discovery, the same Windows files had been used separately in different hacking campaigns. In this case, however, the malware author uses both files together to improve the malware's effectiveness, aggressiveness and anti-evasion features.

Security experts from a well-known AV firm, who disclosed the malware, also found that it has been targeting victims in Brazil.

Attack Trajectory

The cybercriminals behind this campaign used maliciously crafted phishing emails with links that lead to a ZIP file. When extracted, the ZIP file contains a LNK file (detected as Trojan.LNK.DLOADR.AUSUJM) that points to cmd.exe. The command then calls wmic.exe to download and execute script commands from the command and control (C2) server. Afterward, cmd.exe makes a copy of certutil.exe, renames it to certis.exe and places it in the temp folder. A malicious script then uses certis.exe to download the main payload for the malware from the C2 servers. This step in the routine is most likely an additional evasion mechanism since, as mentioned earlier, the use of certutil.exe in malicious attacks is already publicly known.

Phishing Campaign Targets Brazil

The phishing emails used in the campaign pose as coming from the company that operates the national postal service of Brazil. The cybercriminals behind the campaign were found using courier delivery as a lure. Security researchers found that the final payload delivered in this campaign is a banking malware that is only activated when the target's language is set to Portuguese. This indicates that the cybercriminals behind this campaign are specifically targeting only Portuguese-speaking countries.

Protecting Against the Attack

Cybercriminals tend to use legitimate files to add extra evasion layers to their attack techniques. This commonly makes it hard for security systems to distinguish between legitimate and malicious applications. Experts suggest that users take additional precautions, such as verifying the identity of the email sender, checking the email for grammatical or spelling mistakes, and avoiding downloading files from unknown links.
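
The chain described above can be turned into process-creation checks on the defender's side. The following is an added example, not code from the original article or from the AV firm it cites; the event field names follow Sysmon Event ID 1, and the sample events, paths, hosts and rule names are constructed for illustration.

```python
import ntpath
import re

URL_RE = re.compile(r"https?://", re.IGNORECASE)
COPY_RE = re.compile(r"\bcopy\b.*certutil\.exe", re.IGNORECASE)

# Constructed events, not real telemetry. Field names follow Sysmon Event ID 1;
# hosts use the reserved .invalid TLD and tool arguments are elided on purpose.
TEMP = r"C:\Users\ana\AppData\Local\Temp"
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\wbem\WMIC.exe", "OriginalFileName": "wmic.exe",
     "CommandLine": "wmic.exe [args elided] http://c2.example.invalid/s"},
    {"Image": r"C:\Windows\System32\cmd.exe", "OriginalFileName": "Cmd.Exe",
     "CommandLine": r"cmd.exe /c copy C:\Windows\System32\certutil.exe " + TEMP + r"\certis.exe"},
    {"Image": TEMP + r"\certis.exe", "OriginalFileName": "CertUtil.exe",
     "CommandLine": "certis.exe [args elided] http://c2.example.invalid/p"},
    {"Image": r"C:\Windows\System32\certutil.exe", "OriginalFileName": "CertUtil.exe",
     "CommandLine": r"certutil.exe -hashfile C:\setup.msi SHA256"},
    {"Image": r"C:\Windows\System32\wbem\WMIC.exe", "OriginalFileName": "wmic.exe",
     "CommandLine": "wmic os get caption"},
]

def detect(event):
    """Return the names of the rules that one process-creation event triggers."""
    image = ntpath.basename(event["Image"]).lower()
    # OriginalFileName comes from the PE version resource, so it survives a rename.
    original = event.get("OriginalFileName", "").lower()
    cmdline = event.get("CommandLine", "")
    has_url = bool(URL_RE.search(cmdline))
    findings = []
    if original == "certutil.exe" and image != "certutil.exe":
        findings.append("renamed-certutil")        # e.g. the certis.exe copy
    if original == "certutil.exe" and has_url:
        findings.append("certutil-network-fetch")  # certutil (any name) given a URL
    if original == "wmic.exe" and has_url:
        findings.append("wmic-remote-content")     # wmic pointed at remote content
    if image == "cmd.exe" and COPY_RE.search(cmdline):
        findings.append("certutil-copied")         # cmd.exe staging a certutil copy
    return findings

def scan(events):
    """Map event index -> findings, keeping only events that triggered a rule."""
    hits = {}
    for index, event in enumerate(events):
        findings = detect(event)
        if findings:
            hits[index] = findings
    return hits

if __name__ == "__main__":
    for index, findings in scan(SAMPLE_EVENTS).items():
        print(index, SAMPLE_EVENTS[index]["Image"], findings)
```

Matching on OriginalFileName rather than the image name is what catches the renamed copy; the last two sample events show routine certutil and wmic use passing without a finding.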
New Malware Can Turn Android Devices into Hidden Proxies
Another Android malware named TimpDoor has been found by security researchers. The malware is being distributed as part of a phishing campaign and is sent to victims through SMS messages. The attackers behind the campaign trick victims into downloading and installing a fake voice-message application that contains TimpDoor. Once the malware-bound...