The Nigelthorn malware has already infected over 100,000 systems in 100 countries by abusing a Google Chrome extension called Nigelify. A new strain of malware, dubbed Nigelthorn malware because it abuses a Google Chrome extension called Nigelify, has already infected over 100,000 systems in 100 countries, most of them in the Philippines, Venezuela, and […]
Haythem Elmir
Mexican Banks Hacked – Leading To Large Cash Withdrawals
Several banks in Mexico have experienced large cash transfers in recent weeks after cyber-criminals infiltrated some financial institutions which led to unauthorized transactions, as claimed by the central bank in an interview with Bloomberg. Banco de Mexico has zeroed in on 5 financial institutions that have had their external connection to […]
Mining passwords from dozens of public Trello boards
Trello, when an error in the publishing strategy is able to put at risk the private data of a huge community of unaware users. A “Security enthusiastic” found a vulnerability in the Trello web management and now with a simple dork is possible to query to mine passwords from dozens […]
REPORT: INTEL FACING NEW SPECTRE-LIKE SECURITY FLAWS
Intel may be facing as many as eight new Spectre-level vulnerabilities in its chips, a new report alleges. The report comes months after the Spectre and Meltdown flaws first rocked the silicon industry in early 2018. German magazine c’t reported on Thursday that the new security flaws in Intel CPUs have been […]
ROMANIAN HACKERS EXTRADITED TO U.S. OVER $18M VISHING SCAM
A pair of Romanian hackers have been extradited to the U.S. after allegedly bilking unwitting victims out of more than $18 million in an elaborate voice- and SMS-phishing (i.e., vishing/smishing) scheme. Teodor Laurentiu Costea and Robert Codrut Dumitrescu were named in the 31-count federal grand jury indictment on August 16 […]
Malicious Apps Get Back on the Play Store Just by Changing Their Name
Security researchers are reporting that malicious Android apps they have detected and reported to Google the first time, have slipped back into the Play Store after changing their name. Seven of these apps have been « rediscovered, » said Symantec in a report published yesterday. The company’s experts say the author of […]
Bank Of Canada Strengthening Defenses Against Cyber-Criminals
Even though many cyber-attacks inevitably succeed the Bank Of Canada is looking to reduce their risk. They have recovery mechanisms in place to limit as much damage as possible and get the financial system back up and running, as claimed by the central bank on Wednesday. Chief Operating Officer Filipe Dinis, said […]
Lenovo releases updates to fix Secure Boot flaw in servers and other issues
Lenovo has released security patches that address the High severity vulnerability CVE-2017-3775 in the Secure Boot function on some System x servers. The standard operator configurations disable signature checking, this means that some Server x BIOS/UEFI versions do not properly authenticate signed code before booting it. “Lenovo internal testing discovered some System x […]
One year later: EternalBlue exploit more popular now than during WannaCryptor outbreak
The infamous outbreak may no longer be causing mayhem worldwide but the threat that enabled it is still very much alive and posing a major threat to unpatched and unprotected systems It’s been a year since the WannaCryptor.D ransomware (aka WannaCry and WCrypt) caused one of the largest cyber-disruptions the world has […]
Phishing Attack Bypasses Two-Factor Authentication
Hacker Kevin Mitnick demonstrates a phishing attack designed to abuse multi-factor authentication and take over targets’ accounts. Businesses and consumers around the world are encouraged to adopt two-factor authentication as a means of strengthening login security. But 2FA isn’t ironclad: attackers are finding ways to circumvent the common best practice. […]