Cybercriminals are advertising the Godzilla Loader malware for $500 on dark web forums; the malware is actively maintained and receives new updates periodically. Godzilla is a modern downloader or dropper that first runs the binary on the victim’s machine and then downloads the payload from a remote server. According to a Check Point investigation, the Godzilla […]
GPlayed Trojan – .Net playing with Google Market
In a world where everything is always connected, and mobile devices are involved in individuals’ day-to-day lives more and more often, malicious actors are seeing increased opportunities to attack these devices. Cisco Talos has identified the latest attempt to penetrate mobile devices — a new Android trojan that we […]
Facebook removes 800 accounts and pages for political spam, disinformation
Facebook today removed 559 Pages and 251 accounts that engaged in political spam and disinformation, or "inauthentic activity," as the company refers to this behavior. The social network said spam is a regular problem on its platform. Bad actors create multiple accounts to post, vote, and promote their own content, […]
New Sextortion Scam Pretends to Come from Your Hacked Email Account
Sextortion scams are when an attacker sends emails to people stating that their computer is hacked and that the attackers have been recording the screen and webcam as the user visits adult sites. The scammers then blackmail the recipients by stating they will release the videos if they do not receive a […]
Juniper Networks provides dozens of fixes for vulnerabilities in Junos OS
Juniper Networks has released security updates to address serious vulnerabilities affecting the Junos operating system. This week, Juniper Networks patched dozens of serious security vulnerabilities and provided security patches for each of them; the security advisories are available on the company website. The most severe flaw is probably CVE-2018-0049, which could be exploited […]
Stealthy Fake Adobe Flash Updates Tout Malicious Crypto Miners
A fake Adobe update actually updates victims’ Flash – but also installs malicious cryptomining malware. While fake Flash updates that push malware have traditionally been easy to spot and avoid, a new campaign has employed new tricks that stealthily download cryptocurrency miners on Windows systems. To the average user, the […]
Hackers Exploit Drupalgeddon2 to Install Backdoor
A threat actor was observed targeting Drupal vulnerabilities patched earlier this year to install a backdoor on compromised servers, IBM reports. The hackers target CVE-2018-7600, or Drupalgeddon2, a critical vulnerability found to impact Drupal versions 6, 7 and 8, but which was addressed in March this year. Assigned a risk score […]
New TeleBots Backdoor: First Evidence Linking Industroyer to NotPetya
ESET's analysis of a recent backdoor used by TeleBots – the group behind the massive NotPetya ransomware outbreak – reveals strong code similarities with the main Industroyer backdoor, revealing a rumored connection that had not previously been demonstrated. Among the incidents of […]
New Backdoor Ties NotPetya and Industroyer to TeleBots Group
Security researchers found the missing link that helps them prove that the NotPetya disk-wiping malware and the Industroyer backdoor for electric power systems are the work of the TeleBots group. Both pieces of malware were used in attacks against targets in Ukraine and researchers have found clues in the past pointing to the […]
Innovative Phishing Tactic Makes Inroads Using Azure Blob
A brand-new approach to harvesting credentials hinges on users’ lack of cloud savvy. A fresh tactic for phishing Office 365 users employs credential-harvesting forms hosted on Azure Blob storage – signed with legitimate Microsoft SSL certificates to lend an air of legitimacy. Azure Blob Storage is a cloud storage solution […]