News

Iron Hacker Group Uses New Backdoor to Infect Victims with Ransomware and Coinminers

Delaware, USA – June 6, 2018 – Experts from Intezer published an investigation of the activities of the Iron hacker group, which was first spotted about a year and a half ago. The attackers create malware to infect systems running Windows, Linux and Android. Their arsenal consists of cryptocurrency miners, ransomware and backdoors used to install malware on infected […]

The Return of VPNFilter Malware

Delaware, USA – June 5, 2018 – APT28 (aka the Fancy Bear group) continues distributing VPNFilter malware. The cybercriminals created a new botnet to compromise MikroTik routers via the open port 2000. Researchers from Jask discovered a number of IP addresses scanning networks in Ukraine for vulnerable devices. Despite the fact that the FBI took control […]

Andariel Group Exploits Zero-day in ActiveX

Delaware, USA – June 1, 2018 – The Andariel Group is conducting a cyber-espionage campaign against South Korea. They compromise legitimate websites by exploiting several vulnerabilities in ActiveX, including a new zero-day vulnerability. The attackers inject exploit code into the hacked sites to infect all visitors with trojans. The zero-day vulnerability was found in Samsung SDS Acube, which […]

IBM Issued Patches Against Exploit Chain in IBM QRadar SIEM

Delaware, USA – May 31, 2018 – Independent researcher Pedro Ribeiro found and described an exploit chain in the Incident Forensics built-in application of IBM QRadar that enables an unauthenticated user to execute commands on the SIEM remotely. The chain consists of three vulnerabilities, which were assigned the single identifier CVE-2018-1418. On its own, each vulnerability is not too serious, […]

EOS BlockChain Nodes are Under Attack

Delaware, USA – May 30, 2018 – Recently, 360 Total Security released information about a severe vulnerability in the EOS blockchain platform that allows an attacker to gain control over an EOS node by uploading a smart contract that runs arbitrary code, and then to compromise the whole blockchain: https://blog.360totalsecurity.com/en/ The EOS team fixed […]

BackSwap Banking Trojan Bypasses Browser Protection

Delaware, USA – May 29, 2018 – Researchers from ESET discovered the BackSwap banking trojan, which uses entirely new techniques to steal money. So far, this malware has targeted only a few banks in Poland, but other banking trojans could adopt these methods shortly. Unlike most other banking trojans, BackSwap does not use DNS hijacking or web injects […]

Brain Food Botnet Threatens Thousands of Websites

Delaware, USA – May 25, 2018 – Adversaries use the Brain Food botnet primarily in spam campaigns leading users to sites with fictitious diets or intelligence-boosting pills. The first campaigns of this botnet were discovered back in March 2017, but due to their “harmlessness,” Brain Food did not attract particular attention. Recently, researchers from Proofpoint […]

More Than Half a Million Routers Infected with Destructive VPNFilter Malware

Delaware, USA – May 24, 2018 – Researchers from Cisco Talos discovered preparations for a large-scale cyber attack using the destructive VPNFilter malware. At the moment, infections of more than half a million network devices in 54 countries are known, but the real number could be much higher. VPNFilter, unlike most botnets, […]

CurlSoftwareBundlerMiner Infected Over 300,000 Systems to Mine Monero

Delaware, USA – May 23, 2018 – More than 300,000 computers have become victims of a new cryptocurrency miner. Researchers from 360 Total Security recently discovered malware they named CurlSoftwareBundlerMiner: https://blog.360totalsecurity.com/en/ For now, this cryptocurrency miner is actively distributed bundled with freeware tools and key generators. It uses the open source utilities wget.exe and cURL.exe to attack […]

The New SpectreNG Flaw in Intel, ARM, AMD and Power CPUs

Delaware, USA – May 22, 2018 – Microsoft and Google experts discovered new variants of the Spectre attack affecting Intel, ARM, AMD and Power CPUs. The fourth variant of the attack was dubbed SpectreNG (CVE-2018-3639), and it can be performed remotely via script files running within an application. The attack allows adversaries to […]