Cybercriminals are using the most sophisticated techniques to bypass the security controls in various organization such as IT, medical, manufacturing industries, energy sectors, even government entities. Sometimes developers are creating a backdoor for a legitimate purpose such as maintenance and easy accessibility during the technical issue via a remote location. But […]
Dark Web Malware Builder Allow Attackers To Create Malware That Steals Passwords & Credit Card Data
Researchers from Checkpoint spotted a free online builder for building customized binaries for the popular info-stealer Azorult malware that steals user passwords, credit card information, cryptocurrency related data. The Gazop service emerged as a result of the source code leak of Azorult’s panel version 3.1 and 3,2. the free Gazorp service […]
Phishing Attack Uses Azure Blob Storage to Impersonate Microsoft
Even though phishing attacks can be quite convincing, a give away is when diligent users notice that the login form is unsecured or the SSL certificate is clearly not owned by the company being impersonated. A new Office 365 phishing attack utilizes an interesting method of storing their phishing form […]
APT38: Details on New North Korean Regime-Backed Threat Group
Today, we are releasing details on the threat group that we believe is responsible for conducting financial crime on behalf of the North Korean regime, stealing millions of dollars from banks worldwide. The group is particularly aggressive; they regularly use destructive malware to render victim networks inoperable following theft. More […]
Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack
Experts discovered nine vulnerabilities affecting NAS devices that could be exploited by unauthenticated attackers to access protected content. Nine flaws affecting NAS devices could be exploited by unauthenticated attackers to access protected content. The vulnerabilities are traked as CVE-2018-9074, CVE-2018-9075, CVE-2018-9076, CVE-2018-9077, CVE-2018-9078, CVE-2018-9079, CVE-2018-9080, CVE-2018-9081 and CVE-2018-9082. According to Lenovo, the flaws affect 20 models of network attached storage […]
New Danabot Banking Malware campaign now targets banks in the U.S.
According to malware researchers from Proofpoint, DanaBot attackers launched a new campaign aimed at banks in the United States. A couple of weeks ago, security experts at ESET observed a surge in activity of DanaBot banking Trojan that was targeting Poland, Italy, Germany, Austria, and as of September 2018, Ukraine. DanaBot is a multi-stage modular […]
INSTAGRAM DOWN: APP NOT WORKING AS IT REFUSES TO LOAD PEOPLE’S PICTURES AND PROFILES
UPDATE: Instagram is now back online after almost an hour-long outage. It’s still unclear what caused the problems but users are now able to access their account. ORIGINAL STORY: Instagram users are facing a morning without access to the popular social media service as both the app and website appear to be down […]
WifiPhisher – WiFi Crack and Phishing Framework
Wifiphisher is an open source framework that can be utilised for red team engagements for wireless networks through Man in the Middle attacks. The tool is capable of using the modern wifi association techniques, such as Known Beacons, KARMA, and Evil Twin. With the ‘Known Beacons’ technique, Wifiphisher broadcasts ESSIDs […]
Researchers associated the recently discovered NOKKI Malware to North Korean APT
Security experts from Palo Alto Networks have collected evidence that links the recently discovered NOKKI malware to North Korea-Linked APT. Researchers from Palo Alto Networks have spotted a new variant of the KONNI malware, tracked as NOKKI. that was attributed to North Korea-linked attackers. NOKKI borrows the code from the KONNI malware, the latter […]
North Korean HIDDEN COBRA Hackers Using New Attack Called “FASTCash” to Cash-out From ATM Machine
North Korean governments sponsored & worlds most famous hacking group HIDDEN COBRA using a new Attack called “FASTCash” to cash out from the ATM Machine by compromising the bank server. using a various mechanism to compromise and maintain the persistance in the victim’s network. In this case, FBI & DHS issued a serious […]