Hacking – Page 38

Banks and crypto wallets: unveiling a global malware campaign using Zeus/Panda

Haythem Elmir 7 ans ago

For the past weeks our Threat Intelligence team has been following an enxtesive campaign, possibly operated by the same group, targeting a large amount of financial institutions, cyptocurrency wallets and the occasional Google and Apple accounts. The attackers target their victims both with Phishing emails, typo-squatted domains and malicious attachments […]

Silence Group Quietly Emerges as New Threat to Banks

Haythem Elmir 7 ans ago

Though only two members strong, hackers pose a credible threat to banks in Russia and multiple countries. A pair of Russian-speaking hackers, likely working in legitimate information security roles, has quietly emerged as a major threat to banks in Russia and numerous other former Soviet republics in recent months. The […]

Hacking

Cisco Releases 16 Security Alerts Rated Critical and High

Haythem Elmir 7 ans ago

Cisco published on Wednesday 30 security advisories on vulnerabilities identified in its products. Half of them are for high and critical severity bugs. Only three alerts refer to security problems with critical impact; among them is the recently disclosed remote code execution vulnerability in Apache Struts, for which several proof-of-concept exploits exist. Cisco notes that not […]

Hacking

PowerPool malware exploits ALPC LPE zero-day vulnerability

Haythem Elmir 7 ans ago

Malware from newly uncovered group PowerPool exploits zero-day vulnerability in the wild, only two days after its disclosure On August 27, 2018, a so-called zero-day vulnerability affecting Microsoft Windows was published on GitHub and publicized via a rather acerbic tweet. Source: Twitter It seems obvious that this was not part of a […]

Hacking

FIN6 returns to attack retailer point of sale systems in US, Europe

Haythem Elmir 7 ans ago

A new malware campaign has been detected which is targeting point-of-sale (PoS) systems across the United States and Europe. On Wednesday, researchers from IBM X-Force IRIS said the attacks have been attributed to the FIN6 cybercriminal group. This is only the second time that a campaign has been documented which appears to […]

New OilRig APT campaign leverages a new variant of the OopsIE Trojan

Haythem Elmir 7 ans ago

The Iran-linked APT group OilRig was recently observed using a new variant of the OopsIE Trojan that implements news evasion capabilities. Experts at Palo Alto observed a new campaign carried out by the Iran-linked APT group OilRig that was leveraging on a new variant of the OopsIE Trojan. The OilRig hacker group is an Iran-linked APT that has […]

Hacking

DES MILLIERS DE ROUTEURS MIKROTIK PIRATÉS DANS LE TRAFIC RÉSEAU

Haythem Elmir 7 ans ago

Le mois dernier, nous avons signalé une vaste campagne de cryptage de logiciels malveillants qui avait détourné plus de 200 000 routeurs MikroTik. En utilisant une vulnérabilité révélée précédemment dans les fuites de CIA Vault 7 . Les chercheurs en sécurité de Qihoo 360 Netlab ont découvert que sur 370 000 routeurs MikroTik potentiellement vulnérables, […]

Hacking

Group-IB UncoversAPT- attacks on Banks: The Sound of Silence

Haythem Elmir 7 ans ago

Researchers at security firm Group-IB have exposed the attacks carried out by the Silence cybercriminal group, providing details on its tactics and tools. Experts at security firm Group-IB have exposed the attacks committed by Silence cybercriminal group. While the gang had previously targeted Russian banks, Group-IB experts also have discovered evidence of the group’s activity in […]

Hacking

New BondPath Android Spyware Retrieves Chat Data From Messaging Apps

Haythem Elmir 7 ans ago

Researchers uncovered an Android spyware family called BondPath that is capable of retrieving chats from several mobile messaging apps while spying on other types of information. BondPath has been around since May 2016, but in July 2018, researchers at Fortinet observed that some samples were still in the wild. Those […]

Hacking

MEGA.nz, l’extension Chrome devenue pirate malgré elle

Haythem Elmir 7 ans ago

Une extension corrompue a volé des mots de passe pour les comptes Google, Microsoft, GitHub et Amazon, mais aussi des clés privées Monero et Ethereum. L’extension Chrome officielle du service de partage de fichiers MEGA.nz a été compromise avec un code malveillant. Conséquence : elle vole les noms d’utilisateur et les […]