Group-IB: The online market for counterfeit goods in Russia has reached $1,5 billion, while the number of phishing attacks has surpassed 1,200 daily Group-IB, an international company that specialises in the prevention of cyber attacks, has estimated that online sales of counterfeit goods are now worth $1.5 billion. This information was […]
Microsoft fixed the Zero-Day for JET flaw, but the fix is incomplete
Experts from 0Patch revealed that the Microsoft Zero-Day Patch for JET Database Engine vulnerability (CVE-2018-8423) is incomplete. The vulnerability was discovered by the researcher Lucas Leong of the Trend Micro Security Research team that publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows. The flaw is an out-of-bounds (OOB) write in […]
Facebook a confirmé que les hackers ont volé des données personnelles détaillées de 14 millions de personnes
Le 28 septembre dernier, Facebook annonçait le piratage d’environ 50 millions de comptes dans une attaque considérée comme étant la plus importante de l’histoire du réseau social. Selon Facebook, les attaquants ont exploité une vulnérabilité de sécurité résultant de l’interaction de trois bogues distincts sur deux fonctionnalités du réseau social, à savoir, […]
Cybercriminals Advertising Godzilla Loader Malware On Dark Web Forums
Cybercriminals Advertising Godzilla Loader Malware for $500 on Dark web forums, the malware found actively maintained and getting new updates periodically. Godzilla modern downloader or dropper which first runs the binary on victim’s machine and then it downloads the payload form a remote server. According to Checkpoint investigation, the Godzilla […]
GPlayed Trojan – .Net playing with Google Market
Introduction In a world where everything is always connected, and mobile devices are involved in individuals’ day-to-day lives more and more often, malicious actors are seeing increased opportunities to attack these devices. Cisco Talos has identified the latest attempt to penetrate mobile devices — a new Android trojan that we […]
Facebook removes 800 accounts and pages for political spam, disinformation
Facebook removed today 559 Pages and 251 accounts that engaged in political spam and disinformation –or « inauthentic activity, » as the company refers to this behavior. The social network said spam is a regular problem on its platform. Bad actors create multiple accounts to post, vote, and promote their own content, […]
New Sextortion Scam Pretends to Come from Your Hacked Email Account
Sextortion scams are when an attacker sends emails to people stating that their computer is hacked and that the attackers have been recording the screen and webcam as the user visits adult sites. The scammers then blackmail the recipients by stating they will release the videos if they do not receive a […]
Juniper Networks provides dozens of fix for vulnerabilities in Junos OS
Juniper Networks has released security updates to address serious vulnerabilities affecting the Junos operating system. This week, Juniper Networks has patched dozens of serious security provided security patches for each of them, the security advisories are available on the company website. The most severe flaw is probably the CVE-2018-0049, which could be exploited […]
Stealthy Fake Adobe Flash Updates Tout Malicious Crypto Miners
A fake Adobe update actually updates victims’ Flash – but also installs malicious cryptomining malware. While fake Flash updates that push malware have traditionally been easy to spot and avoid, a new campaign has employed new tricks that stealthily download cryptocurrency miners on Windows systems. To the average user, the […]
Hackers Exploit Drupalgeddon2 to Install Backdoor
A threat actor was observed targeting Drupal vulnerabilities patched earlier this year to install a backdoor on compromised servers, IBM reports. The hackers target CVE-2018-7600, or Drupalgeddon2, a critical vulnerability found to impact Drupal versions 6, 7 and 8, but which was addressed in March this year. Assigned a risk score […]