Ordinypt wiper ransomware targets German businesses
Another wiper malware posing as a ransomware is targeting German businesses under the guise of fake job applicants inquiring about openings. Ordinypt was discovered by ID-Ransomware coder Michael...
RunPE: How to hide code behind a legit process
Hiding a process has always been challenging for malware writers, and they have found many ways to do so. The tip I’ll talk about is very basic, yet simple to write, but doesn’t work all the time. This...
Avira spotted a new strain of the dreaded Locky Ransomware in the wild
Security firm Avira detected a new strain of the Locky ransomware that is spreading through malicious attachments disguised as legitimate LibreOffice and Office documents. Researchers at Avira Virus Lab detected a...
A China-linked cyber espionage group has been using a new strain of malware dubbed Reaver
Experts at Palo Alto Networks have discovered a new malware family named Reaver with ties to hackers who use the SunOrcal malware. A China-linked cyber espionage group has developed a new strain of...
Creating ATM Botnets Not Difficult, Researchers Say
Internet-connected automated teller machines (ATMs) can be discovered using dedicated search engines and specific keywords and then ensnared into botnets, Kaspersky Lab researchers believe. With large...
OnePlus includes Qualcomm engineering app in phones, exposes root backdoor
OnePlus says it’s “looking into” the report. A Twitter user by the name “Elliot Alderson” has discovered a root backdoor in OnePlus devices—one that has apparently been shipping for years. OnePlus has...
U.S. Government Shares Details of FALLCHILL Malware Used by North Korea
The United States Department of Homeland Security (DHS) shared details of a hacking tool they say is being used by a threat group linked to the North Korean government known as “Hidden Cobra.” The...
Multi-stage malware sneaks into Google Play
Another set of malicious apps has made it into the official Android app store. Detected by ESET security systems as Android/TrojanDropper.Agent.BKY, these apps form a new family of multi-stage Android...
Malware signed with stolen Digital code-signing certificates continues to...
A group of researchers demonstrated that malware signed with stolen Digital code-signing certificates continues to bypass security software. A recent study conducted by the Cyber Security Research...
This stealthy cat-and-mouse hacking campaign aims to steal diplomatic secrets
Felismus malware deployed to steal documents and carry out surveillance on government foreign policy in a previously unknown campaign. A previously unknown hacking and espionage operation is using...
Antivirus Software Can Be Hijacked to Compromise Windows Systems
A vulnerability allows an attacker to abuse the option to restore files from quarantine and then deploy malware in a sensitive location. Despite Microsoft making Windows Defender a more advanced security product,...
Fully undetectable backdooring PE files
During a penetration testing engagement you are required to backdoor a specific executable with your own shellcode without increasing the size of the executable or altering its intended functionality, and...
Adwind remote access Trojan makes a comeback and it’s got smarter
The Adwind cross-platform, malware-as-a-service Trojan has been around since 2012. Spread by phishing emails claiming to be invoices, purchase orders, and requests for quotations, it’s aimed at high...
Top Websites Are Using Keyloggers Recording Even Passwords, Research Shows
Well over 400 high profile websites are collecting all the keys that you’ve pressed, and it turns out that most of them don’t even know about it. When we hear the word keylogger, we imagine some sort...
qkG Filecoder: Self-Replicating, Document-Encrypting Ransomware
We encountered a few interesting samples of a file-encoding ransomware variant implemented entirely in VBA macros called qkG (detected by Trend Micro as RANSOM_CRYPTOQKG.A). It’s a classic macro...
macOS Malware Notorious for Its Data Stealing Capabilities Is Back
Mac malware, Proton, is spreading through a legitimate security company. Security researchers spotted criminals using search poisoning to get more targets and leverage the credibility of Symantec in...
URSNIF TROJAN ADOPTS NEW CODE INJECTION TECHNIQUE
Hackers are testing a new variation of the Ursnif Trojan aimed at Australian bank customers that utilizes novel code injection techniques. Since the summer of 2017, IBM X-Force researchers report that...
US says it doesn’t need secret court’s approval to ask for encryption backdoors
Critics have long argued that the government has wide latitude to conduct surveillance under broad approvals from the Foreign Intelligence Surveillance Court. The US government does not need the...
A giant botnet behind one million malware attacks a month just got shut down
An arrest has been made over the Andromeda botnet, following an operation involving the FBI, Europol, and cybersecurity companies. A major botnet, which incorporated millions of PCs and is associated...
Cloudflare[.]Solutions Keylogger on Thousands of Infected WordPress Sites
A few weeks ago, we wrote about a massive WordPress infection that injected an obfuscated script pretending to be jQuery and Google Analytics. In reality, this script loaded a CoinHive cryptocurrency...