Cybercrime


NEWS 
  • Zero-Day Flash Exploit Targeting Middle East

    June 7, 2018

    A zero-day vulnerability is being exploited in the wild in targeted attacks against Windows users in the Middle East, researchers warned Thursday. The Flash Player vulnerability (CVE-2018-5002), a stack-based buffer overflow bug that could enable arbitrary code execution, was patched earlier today by Adobe. Read more… Source: ThreatPost  

  • Targeted Spy Campaign Hits Russian Service Centers

    June 7, 2018

    A series of espionage attacks have been uncovered, targeted at service centers in Russia that provide maintenance and support for a variety of electronic goods. The payload is a commercial version of the Imminent Monitor tool, which is freely available for purchase as legitimate software. Its developers explicitly prohibit any usage of the tool in a malicious way ...

  • VPNFilter Malware Impact Larger Than Previously Thought

    June 6, 2018

    Researchers say the impact of the VPNFilter malware discovered last month is larger than originally reported. On Wednesday, Cisco Talos researchers said they now believe the malware has infected twice the number of router brands than previously stated. They added that VPNFilter also delivers a more potent punch than they originally thought, and have identified a previously ...

  • Prowli Malware Targeting Servers, Routers, and IoT Devices

    June 6, 2018

    After the discovery of massive VPNFilter malware botnet, security researchers have now uncovered another giant botnet that has already compromised more than 40,000 servers, modems and internet-connected devices belonging to a wide number of organizations across the world. Dubbed Operation Prowli, the campaign has been spreading malware and injecting malicious code to take over servers and websites around ...

  • Nocturnal Stealer Lets Low-Skilled Cybercrooks Harvest Sensitive Info

    May 31, 2018

    The Nocturnal Stealer malware has crept into the Dark Web like a thief in the night, offering criminals a lucrative payday for a small price — and little effort. It’s a commodity malware, debuting on an underground forum in March for the low price of $25. It steals things, including 28 different kinds of cryptocurrency wallets, ...

  • Brazilian Banking Trojan Communicates Via Microsoft SQL Server

    May 29, 2018

    Researchers have discovered a banking trojan making waves in Brazil with an array of tricks up its sleeve, including using an unusual command and control (C&C) server and a full-screen social-engineering overlay form. Researchers at IBM X-Force research on Tuesday revealed that attackers are using the malware – dubbed MnuBot –mainly in Brazil to perform illegal ...

  • VPNFilter Malware Infects 500k Routers Including Linksys, MikroTik, NETGEAR

    May 23, 2018

    Malware called VPNFilter has infected 500,000 router brands ranging from Linksys, MikroTik, NETGEAR and TP-Link that are mostly used in home offices. Researchers at Cisco Talos said they decided to warn the public of the threat despite the fact the infected devices and malware are still under investigation. Researchers said their investigation into VPNFilter has been ...

  • Wicked Botnet Uses Passel of Exploits to Target IoT

    May 21, 2018

    Yet another variant of the Mirai botnet has appeared on the scene, but this one has a twist: The code is integrated with at least three exploits that target unpatched IoT devices, including closed-circuit cameras and Netgear routers. It also has ties to a web of other botnets, made for DDoS attacks, which can all ...

  • DNS-Hijacking Malware Targeting iOS, Android and Desktop Users Worldwide

    May 21, 2018

    Widespread routers’ DNS hijacking malware that recently found targeting Android devices has now been upgraded its capabilities to target iOS devices as well as desktop users. Dubbed Roaming Mantis, the malware was initially found hijacking Internet routers last month to distribute Android banking malware designed to steal users’ login credentials and the secret code for two-factor authentication. Read more… Source: The ...

  • Airports are ill-equipped to deal with a major cyber-attacks

    May 16, 2018

    The report titled,‘Overcome the Silent Threat’, says that an increasing consumer demand for faster internet and digital engagement with airlines and retailers are providing cyber criminals with more opportunities to attack. According to the latest figures from the European Aviation Safety Agency, there are currently around 1,000 cyber-attacks each month on airport and aviation systems worldwide. Read more… Source: ...

  • Nethammer—Exploiting DRAM Rowhammer Bug Through Network Requests

    May 16, 2018

    Last week, we reported about the first network-based remote Rowhammer attack, dubbed Throwhammer, which involves the exploitation a known vulnerability in DRAM through network cards using remote direct memory access (RDMA) channels. However, a separate team of security researchers has now demonstrated a second network-based remote Rowhammer technique that can be used to attack systems using uncached memory or ...

  • This new type of DDoS attack takes advantage of an old vulnerability

    May 15, 2018

    A newly-uncovered form of DDoS attack takes advantage of a well-known, yet still exploitable, security vulnerability in the Universal Plug and Play (UPnP) networking protocol to allow attackers to bypass common methods for detecting their actions. Attacks are launched from irregular source ports, making it difficult to determine their origin and blacklist the ports in order ...

  • Ex-CIA man named as suspect in Vault 7 leak

    May 15, 2018

    A former CIA employee has been named as the prime suspect in last year’s dump of thousands of documents on the agency’s hacking practices. A report from The Washington Post cites court documents that name Joshua Adam Schulte as the person authorities think to be behind the massive Vault7 data dump. Read more… Source: The Register  

  • Shadowy Hackers Accidentally Reveal Two Zero-Days to Security Researchers

    May 15, 2018

    An unidentified hacker group appears to have accidentally exposed two fully-working zero-days when they’ve uploaded a weaponized PDF file to a public malware scanning engine. The zero-days where spotted by security researchers from Slovak antivirus vendor ESET, who reported the issues to Adobe and Microsoft, which in turn, had them patched within two months. Anton Cherepanov, ...

  • Hackers Steal Millions From Mexican Banks Via Fake Transfers

    May 14, 2018

    The incident may have been orchestrated by organised criminals, says Mexico’s central bank Cyber-thieves have made off with hundreds of millions of pesos from Mexican banks using the country’s domestic electronic transfer system. The attack is similar to earlier ones that have used the international SWIFT network, prompting the Belgium-based organisation to bring in new security measures. Read more… Source: ...

  • GandCrab Ransomware Found Hiding on Legitimate Websites

    May 10, 2018

    The GandCrab ransomware continues to virulently spread and adapt to shifting cyber-conditions, most recently crawling back into relevance on the back of several large-scale spam campaigns. What’s interesting is that GandCrab payload was found hiding on legitimate but compromised websites. These, when analyzed, were found to be riddled with vulnerabilities stemming from outdated software, highlighting one ...

  • 5 Powerful Botnets Found Exploiting Unpatched GPON Router Flaws

    May 10, 2018

    Well, that did not take long. Within just 10 days of the disclosure of two critical vulnerabilities in GPON router at least 5 botnet families have been found exploiting the flaws to build an army of million devices. Security researchers from Chinese-based cybersecurity firm Qihoo 360 Netlab have spotted 5 botnet families, including Mettle, Muhstik, Mirai, Hajime, and Satori, ...

  • FBI: Cyber-Fraud Losses Rise to Reach $1.4B

    May 8, 2018

    About 301,580 consumers reported cyber-fraud and malware attacks to the FBI’s Internet Crime Complaint Center (IC3) last year – with reported losses exceeding a whopping $1.4 billion. The year’s haul of reports brings the overall total of complaints since the IC3 began recording such things to 4 million. Read more… Source: ThreatPost  

  • UK Manufacturers Top Attack Target For Cyber Crooks

    May 8, 2018

    Manufacturing was the sector most attacked by cyber-criminals in the UK last year, a report from NTT Security has found, mirroring warnings from other agencies including the UK’s National Cyber Security Centre (NCSC) . The firm’s Global Threat Intelligence Report 2018 found that finance was the most targeted sector worldwide, accounting for 26 percent of attacks, including ...

  • This malware checks your system temperature to sidestep sandboxing

    May 1, 2018

    GravityRAT is a Trojan which checks the temperature of a system to detect the presence of virtual machines (VMs) and prevent efforts at analysis by researchers. By taking thermal readings, the Remote Access Trojan (RAT), which has become a recent menace in India, attempts to find out whether or not VMs are being employed for the ...