Haythem Elmir

Experts at cyber security firm LMNTRIX have discovered a new ransomware-as-a-service dubbed GandCrab. advertised in Russian hacking community on the dark web. The GandCrab was advertised in Russian hacking community, researchers noticed that authors leverage the RIG and GrandSoft exploit kits to distribute the malware. “Over the last three days LMNTRIX Labs has been tracking an influx of GandCrab ransomware. The […]

Another day, another ICO-related scam. In an attack similar to that which fooled investors into the Enigma cryptocurrency investment platform, users who were aiming to buy Bee Tokens during a Token Generation Event (i.e., an initial coin offering) were tricked into sending the money to scammers instead. What is the […]

This example is an email containing the subject of “REF: Notification of payment collection” pretending to come from HMRC but actually coming from a look-a-like or typo-squatted domain < noreply@notificationsemailgovuk033.top >  with a malicious word doc attachment  is today’s latest spoof of a well-known company, bank or public authority delivering Trickbot banking Trojan. The initial […]

Just three months after Princeton researchers were warning users of the dangers of « session replay » attacks, developers of malicious Chrome extensions have incorporated this « trick » into their latest « releases. » The term « session replay » refers to JavaScript code that records user activity and then plays it back in exact detail. Over […]

GandCrab blends old and new threat resources as ransomware evolves A ransomware threat called GandCrab emerged during the last week of January, which itself not that newsworthy. However, it’s distribution method and ransom currency choice could be pointers to how 2018 ransomware will evolve. A ransomware threat called GandCrab has […]

Security researchers are seeing an ever-increasing number of malware samples that are experimenting with the Meltdown and Spectre vulnerabilities. According to experts at AV-TEST, Fortinet, and Minerva Labs, several individuals are experimenting with publicly released proof-of-concept (PoC) code for the Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5715, CVE-2017-5753) vulnerabilities. esearchers from AV-TEST […]