Cyber Criminals
Google Images Plagued by Malwares
Cyber attackers are getting really creative and resourceful when it comes to infecting users and machines with malware. As if regular hacking of websites and servers were not enough, these criminals are now targeting legitimately hosted websites and their images, using them as a tool to exploit vulnerabilities while remaining undetected. What’s even...
The Hacker Just Got Hacked
The Lokibot malware is a Banking Trojan designed for information theft. It’s been around since 2015 and has targeted many users for quite some time. The original malware was created by “Carter”, a.k.a. “Lokistov”. It was then sold and distributed on the underground market (dark web) for prices ranging from $80 to as high as...
Cloud HR Firm ComplyRight – Hacked!
The most threatening part of a data intrusion is the period between when the breach took place and when the end user or the company actually finds out that they’ve been attacked. You begin to think that during that period, those cyber criminals may have already acquired...
The Crypto-Criminal Bar Brawl
CryptoLocker arrived on the scene in 2013 and really opened the age of ransomware on a grand scale. It spread like wildfire as an attachment to spam messages and used RSA public key encryption to seal up users’ files, monetizing the decryption keys. As Avast notes, at its height...
A newly discovered malware abuses two legitimate Windows files: the command-line utility wmic.exe and certutil.exe, the program that manages digital certificates for the Windows OS. The malware uses these files to download its payload onto the targeted victim's device. Used together, these legitimate files also let the malware author download other files for malicious purposes as part of the malware's normal set of features.
Before this discovery, the same Windows files had been used separately in different hacking campaigns. In this case, however, the malware author uses both files together to improve the malware's effectiveness, aggressiveness and anti-evasion features. Security experts from a well-known AV firm, who uncovered the malware, also found that it has been targeting victims in Brazil.
Attack Chain
The cyber criminals behind this campaign used maliciously crafted phishing emails with links that lead to a ZIP file. Once extracted, the ZIP file contains a LNK file (detected as Trojan.LNK.DLOADR.AUSUJM) that points to cmd.exe. The command then invokes wmic.exe to download and execute script commands from the command and control (C2) server.
Afterward, cmd.exe makes a copy of certutil.exe, renames it to certis.exe and places it in the temp folder. A malicious script then uses certis.exe to download the main payload for the malware from the C2 servers. This step in the routine is most likely an additional evasion mechanism since, as mentioned earlier, the use of certutil.exe in malicious attacks is already publicly known.
Phishing Campaign Targets Brazil
The phishing emails used in the campaign pose as coming from the company that operates the national postal service of Brazil. The cyber criminals behind the campaign were found to be using courier delivery as bait. Security researchers found that the final payload delivered in this campaign is a banking malware that is only activated when the target's language is set to Portuguese. This indicates that the cybercriminals behind the campaign are specifically targeting only Portuguese-speaking countries.
Protecting Against the Attack
Cybercriminals tend to use legitimate files to add extra evasion layers to their attack techniques. This usually makes it hard for security systems to distinguish between legitimate and malicious applications. Experts suggest that users take extra precautions, such as verifying the identity of the email sender, checking the email for grammatical or spelling mistakes and avoiding downloading files from unknown links.
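The renamed-copy step in the attack chain above (certutil.exe copied to the temp folder as certis.exe) is something defenders can look for in process-creation logs. The following is an added example, not code from the article or from the AV firm it cites; it assumes Sysmon-style process-creation fields (Image, OriginalFileName, CommandLine), and the sample events and file paths are constructed for illustration.

```python
import ntpath

# Binaries named in the article; a copy running under another name is suspicious.
WATCHED = {"certutil.exe", "wmic.exe"}
COPY_VERBS = ("copy", "xcopy", "robocopy")

# Constructed process-creation records (not real telemetry).
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\cmd.exe", "OriginalFileName": "Cmd.Exe",
     "CommandLine": r"cmd.exe /c copy C:\Windows\System32\certutil.exe %TEMP%\certis.exe"},
    {"Image": r"C:\Users\user\AppData\Local\Temp\certis.exe",
     "OriginalFileName": "CertUtil.exe",
     "CommandLine": "certis.exe <arguments elided>"},
    {"Image": r"C:\Windows\System32\certutil.exe", "OriginalFileName": "CertUtil.exe",
     "CommandLine": "certutil.exe -verify cert.cer"},
    {"Image": r"C:\Windows\System32\wbem\WMIC.exe", "OriginalFileName": "wmic.exe",
     "CommandLine": "wmic os get caption"},
]

def renamed_binary(event):
    """Return the original name if a watched binary runs under a different file name."""
    original = event.get("OriginalFileName", "").lower()
    current = ntpath.basename(event.get("Image", "")).lower()
    if original in WATCHED and current != original:
        return original
    return None

def copies_watched_binary(event):
    """True if the command line uses a copy verb on one of the watched binaries."""
    tokens = event.get("CommandLine", "").lower().split()
    has_copy = any(t in COPY_VERBS for t in tokens)
    has_target = any(ntpath.basename(t.strip('"')) in WATCHED for t in tokens)
    return has_copy and has_target

def triage(events):
    """Return (event index, rule name, detail) for every event that matches a rule."""
    findings = []
    for i, ev in enumerate(events):
        name = renamed_binary(ev)
        if name:
            findings.append((i, "renamed-lolbin", name))
        elif copies_watched_binary(ev):
            findings.append((i, "lolbin-copy", ev["CommandLine"]))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS):
        print(finding)
```

The check on the embedded original file name is what catches certis.exe here: renaming the copy changes its path but not the name recorded in the binary's version resource.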
Online Love Scam Syndicate Busted
A syndicate linked to nearly $20 million worth of Internet love scams has been dismantled in a joint international operation involving officers from Singapore, Malaysia and Hong Kong. Eight Internet love scam cases reported in Singapore, involving at least around $450,000, were solved as a result of the joint operation. The operation was carried out in Malaysia...
More victims for Magecart Hack Group
Just days after the British Airways breach, which exposed almost 400,000 payment card records, the hack group was also identified as being behind the hacking of two additional victims this week – Feedify and Groopdealz. The hack of Feedify was disclosed after a Twitter user named “Placebo” posted Tuesday that Magecart was seen attacking the Feedify...
Coordinated Cyber-Attacks
The ongoing Gulf feud between the small but rich country of Qatar and its biggest friends and neighbouring countries, Saudi Arabia, UAE, Egypt and Bahrain, continues, with the year-long conflict now bringing more cyber-attacks. #OpQatar hacks are once again targeting and leaking sensitive information from their citizens and agencies. #OpQatar reached mainstream media on...
Russian Antivirus Software: Kaspersky Lab
Russian antivirus software Kaspersky Lab has been officially banned by the US Government, and the European Union considers the antivirus “malicious”. US agencies are now officially prohibited from using Kaspersky Lab along with all related services. Although there is no concrete evidence, this started after classified hacking materials of the National Security Agency (NSA) were hacked with the help of Kaspersky...
Firefox as the New Weapon of Cyber Criminals
A web cache is data that is automatically downloaded to give faster load times the next time you visit the same site. It’s a typical web practice that normally wouldn’t warrant any suspicion, but recent research now finds it vulnerable to abuse that can be used to attack a website’s visitors. The Research Team from PortSwigger Web Security, under the supervision of...