Memcached reflections that recently fueled two most largest amplification DDoS attacks in the history have also helped other cybercriminals launch nearly 15,000 cyber attacks against 7,131 unique targets in last ten days, a new report revealed. Chinese Qihoo 360’s Netlab, whose global DDoS monitoring service ‘DDosMon’ initially spotted the Memcached-based DDoS attacks, […]
Haythem Elmir
Large Lokibot Malspam Campaign Hitting The UK
We are seeing a quite active malspam campaign distributing Lokibot hitting UK at the moment. They are using multiple spoofed email sending addresses, loads of different subject lines and body contents. All the attachments have different names as well. A few examples of senders are: Frank <hdmexp2@highdream.net> ???????????? […]
Multiples vulnérabilités dans SCADA les produits Siemens
De multiples vulnérabilités ont été découvertes dans SCADA les produits Siemens . Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une atteinte à l’intégrité des données et une atteinte à la confidentialité des données. RISQUE(S) Contournement de la politique de sécurité Atteinte à l’intégrité […]
Security Advisory – Information Disclosure Vulnerability on Honor Smart Scale Application
There is an information disclosure vulnerability on Honor Smart Scale application. The application does not sufficiently restrict the resource which can be accessed by certain protocol. An attacker could trick the user to click a malicious link, successful exploit could cause information disclosure. (Vulnerability ID: HWPSIRT-2018-01020) This vulnerability has […]
Your smartphones are getting more valuable for hackers
Your smartphone probably knows more about you than you do. It knows where you are at all times. It knows every person you talk to, and what you’ve said to them. It has your family photos, your pet’s pictures, your passwords and more. For attackers, it’s a digital passport to […]
A new DDoS malware could cripple the entire cyberspace
A new malware, Saposhi has been detected by cybersecurity agencies, which can cripple the entire industries by taking over electronic devices and turning them into ‘bots’, which can be used for Distributed Denial of Service (DDoS) attacks . According to a report of the Hindu, the new malware Saposhi was […]
Not all who pay a ransom successfully recover their compromised data
A new report by the CyberEdge Group found that 55 percent of responding organizations were compromised by ransomware in 2017, down from 61 percent in 2016. How victims responded to ransomware Respondents who were victimized by ransomware and who elected to pay the ransoms were asked if they successfully recovered […]
Fake resume malspam delivers Sigma Ransomware
I haven’t seen any examples of this Resume malware for a while now, so when this popped up in my spam folder, it looked interesting enough to investigate a bit more. This is a continuation from these 4 previous posts about malware using resumes or job applications as the lure. They […]
Une nouvelle tentative de phishing qui usurpe les mails d’OVH
Attention, une nouvelle campagne de phishing vise les détenteurs de comptes OVH . Elle joue sur la peur et indique que votre compte sera suspendu et qu’il faut « ‘effectuer le règlement par carte bancaire à l’ordre d’OVH » ! OVH est l’un des plus grands hébergeurs web du net. Il […]
NRA Websites Heavily Targeted by Memcached-Based DDoS Attacks
Websites associated with the US National Rifle Association (NRA) have often been the targets of Memcached-based DDoS attacks, according to Qihoo 360’s Network Security Research Laboratory (Netlab). The Chinese company, who has one of the widest views of all Internet traffic due to its leading position on the Chinese market, […]