(Reuters) – Thousands of websites, including ones run by U.S. and UK government agencies, were infected for several hours on Sunday with code that causes web browsers to secretly mine digital currencies, technology news site The Register reported. More than 4,200 sites were infected with a malicious version of a […]
Dark Web’s largest cybercrime group indicted after stealing $530M
Infraud organization is the largest group of cybercriminals on Dark Web – Their official motto is “In Fraud We Trust.” After managing to steal over $530 million, a cybercrime ring has finally been hammered by US law enforcement authorities and its 36 members have been indicted. The accused have close ties […]
Researcher Uses macOS App Screenshot Feature to Steal Passwords, Tokens, Keys
Malicious app developers can secretly abuse a macOS API function to take screenshots of the user’s screen and then use OCR (Optical Character Recognition) to programmatically read the text found in the image. The function is CGWindowListCreateImage, often utilized by Mac apps that take screenshots or live stream a user’s […]
Cyber Attack Disrupts Winter Olympics Website During Opening Ceremony
The Winter Olympics Games Organizing Committee is investigating a cyber attack on the event’s Internet and Wi-Fi system. The attack was carried out 45 minutes before the opening ceremony on Friday night in South Korea. According to the Committee’s spokeswoman, Nancy Park, the country’s Ministry of Defense and a cybersecurity team is investigating […]
fail0verflow hackers found an unpatchable flaw in Nintendo Switch bootROM and runs Linux OS
The group of hackers known as ‘fail0verflow’ has discovered a vulnerability in the gaming console Nintendo Switch that could be exploited to install a Linux distro. The hackers announced their discovery in a post on Twitter, the published an image of a console running the Debian Linux distro after the hack. View […]
Lenovo patches critical flaws that affect Broadcom’s chipsets in dozens of Lenovo ThinkPad
According to a security advisory issued by Lenovo, two critical vulnerabilities in Broadcom chipsets affects at least 25 models of Lenovo ThinkPad. The affected models are ThinkPad 10, ThinkPad L460, ThinkPad P50s, ThinkPad T460, ThinkPad T460p, ThinkPad T460s, ThinkPad T560, ThinkPad X260 and ThinkPad Yoga 260. One of the flaws was discovered in June […]
Hackers are exploiting the CVE-2018-0101 CISCO ASA flaw in attacks in the wild
Hackers are exploiting the CVE-2018-0101 CISCO ASA flaw in attacks in the wild and a Proof-of-concept exploit code is available online. This week, Cisco has rolled out new security patches for a critical vulnerability, tracked as CVE-2018-0101, in its CISCO ASA (Adaptive Security Appliance) software. This is the second the tech giant issued a […]
Russian Scientists Arrested for Using Nuclear Weapon Facility to Mine Bitcoins
Two days ago when infosec bods claimed to have uncovered what’s believed to be the first case of a SCADA network (a water utility) infected with cryptocurrency-mining malware, a batch of journalists accused other authors of making fear-mongering headlines, taunting that the next headline could be about cryptocurrency-miner detected in a nuclear […]
New Tech Support Scam Freezes Chrome, Firefox & Brave Browser
Another day, another tech support scam – This scam aims at freezing Internet browsers and trick users into calling tech support scam where scammers try stealing personal data. A new scam campaign has been discovered by Malwarebytes researchers that targets the most reliable internet browsers in the world including Google […]
UDPOS PoS malware exfiltrates credit card data DNS queries
A new PoS malware dubbed UDPoS appeared in the threat landscape and implements a novel and hard to detect technique to steal credit card data from infected systems. The UDPoS malware was spotted by researchers from ForcePoint Labs, it relies upon User Datagram Protocol (UDP) DNS traffic for data exfiltration instead of HTTP that is the […]