ESET researchers have discovered malicious apps impersonating various financial services and the Austrian cryptocurrency exchange Bitpanda on Google Play. The fake apps Uploaded to Google’s official app store in June 2018 and collectively downloaded and installed over a thousand times, upon launch the apps would immediately request the user to […]
Evil Clone Attack – Hackers Injecting Crypto-mining Malware into Legitimate PDF Software
Cybercriminals using a new type of attack called Evil clone to inject Cryptocurrency malware into legitimate PDF software to Mine cryptocurrency with the help of CoinHive miner. Cryptocurrency malware is dramatically increasing this year to compromise various victims and an attacker generates huge revenue by illegally running miner using victims […]
ZDI Exposed Unpatched Microsoft RCE Zero-day Flaw in Public After it Crossed the 120 Days Deadline
A Microsoft Zero-day vulnerability that existing in Microsoft JET Database Engine has been crossed zero-day Initiative (ZDI) 120 days disclosure deadline and now it released in public. ZDI initially reported this zero-day flow to Microsoft on May 8, 2018, since then Microsoft acknowledged the vulnerability and started working on it […]
Cisco fixes Remote Code Execution flaws in Webex Network Recording Player
Cisco released security patches to fix RCE flaws in the Webex Network Recording Player for Advanced Recording Format (ARF). Cisco released security patches to address vulnerabilities in the Webex Network Recording Player for Advanced Recording Format (ARF) (CVE-2018-15414, CVE-2018-15421, and CVE-2018-15422) that could be exploited by an unauthenticated, remote attacker to […]
Hackers stole $60 Million worth of cryptocurrencies from Japanese Zaif exchange
Cybercriminals have stolen 6.7 billion yen ($60 million) worth of cryptocurrencies from the Japanese digital currency exchange Zaif exchange. According to the Tech Bureau Corp., a Japanese cryptocurrency firm, hackers have compromised its Zaif exchange and have stolen 6.7 billion yen ($60 million) worth of cryptocurrencies, including Bitcoin, Monacoin, and Bitcoin […]
3000 Hacked Websites Access comes to Sale in Russian Underground Dark Web Marketplace
Cybercriminals listed 3000 Hacked websites access for sale in Russian based underground marketplace that sells for less than $50. The underground marketplace is the best area for criminals where they can sell and buy various maliciou software and stolen data for a very cheapest price. This hacked website selling in Russian-speaking underground marketplace called MagBo where the advertisement […]
Intrusion Detection System (IDS) and Its Detailed Working Function – SOC/SIEM
An intrusion detection system (IDS) is a type of security software designed to automatically alert administrators when someone or something is trying to compromise information system through malicious activities such as DDOS Attacks or through security policy violations. An IDS works by monitoring system activity through examining vulnerabilities in the system, the integrity of […]
US State Department confirms data breach to unclassified email system
The US State Department confirmed that hackers breached one of its email systems, the attack potentially exposed personal information of some of its employees. The incident seems to have affected less than 1% of employee inboxes, 600-700 employees out of 69,000 people. “The Department recently detected activity of concern in its unclassified email […]
Sustes Malware: CPU for Monero
Sustes Malware doesn’t infect victims by itself, but it is spread via brute-force activities with special focus on IoT and Linux servers. Today I’d like to share a simple analysis based on a fascinating threat that I like to call Sustes (you will see name genesis in a bit). Everybody knows Monero […]
Adobe issued a critical out-of-band patch to address CVE-2018-12848 Acrobat flaw
Adobe releases a critical out-of-band patch for CVE-2018-12848 Acrobat flaw, the security updates address a total of 7 vulnerabilities. Adobe address seven vulnerability in Acrobat DC and Acrobat Reader DC, including one critical vulnerability that could be exploited by attackers to execute arbitrary code. “Adobe has released security updates for Adobe […]