News

Sharkbot malware bites again

Researchers from the Check Point Research (CPR) team recently warned users about the still-present danger of the Sharkbot malware found this year on Google Play. Although the findings were immediately reported to Google and removed, the team says it has found new malicious Sharkbot applications. What is Sharkbot malware? Sharkbot is an Android stealer that pretends to be an AV solution …

Multifunctional Borat RAT

Cybersecurity specialists warn users about a newly emerging threat: Borat RAT. The new malware shows an incredible spectrum of multifunctional capabilities. During their regular OSINT research, specialists from Cyble Research Labs came across a very unusual Remote Access Trojan (RAT) named Borat. The interesting thing about this malware is that it provides not only the traditional RAT features but also …

Microsoft Azure vulnerabilities allow for RCE in IoT devices

With the IoT world growing rapidly, cybersecurity experts are taking more time to investigate this particular field of technology. Researchers from Sentinel Lab recently published a report on vulnerabilities they discovered in Microsoft Azure for IoT devices that allow for remote code execution. Which vulnerabilities have been found? Last year researchers from Sentinel Lab discovered a few vulnerabilities …

Ransomware precursors. What are they?

Researchers from cybersecurity company Lumu Technologies recently published quite an informative flashcard on ransomware. In 2021 they collected 21,820,764 indicators of compromise related to one of the crucial steps of a ransomware attack: the ransomware precursor. What is a ransomware precursor? Specialists from Lumu Technologies note that ransomware attacks don’t come from nowhere. On the contrary, these are often …

URL phishing in Instagram, Facebook Messenger and WhatsApp

It has become known that users of the major messaging apps can be in danger of phishing attacks masquerading as legitimate-looking links. Several leading messaging and email platforms, including Facebook Messenger, Signal, WhatsApp, Instagram and iMessage, now expose their users to the possibility of getting phished via a URL-changing trick. Where does the trick hide? Cybersecurity specialists …

Conti leak review. How much do ransomware criminals earn?

If you have ever wondered how much those hacker guys earn, you can take a glimpse now. On February 27, 2022 a Twitter account named @ContiLeaks and many other similar accounts started to post quite juicy details about the underworld money and employees. “I know you, you know me, we know us” The leaks mainly concern Gold Blackburn and Gold Ulrick …

Diavol ransomware decryption tool

Attention, everyone! Some good news has arrived. Every user who has fallen victim to Diavol ransomware can now get their files recovered with a free decryption tool. How to use the free decryption tool? Before using the tool, consider the following; it is important for the successful use of the decryption solution. Make sure to quarantine the malware so it won’t …

LokiLocker ransomware is on the scene

Researchers from BlackBerry report on a newly identified ransomware family. LokiLocker RaaS has recently come onto the scene and, as cybersecurity experts say, it doesn’t hold the Norse god’s name for nothing. In an extensive article the researchers dug into LokiLocker’s code in detail, explained how the ransomware works and also wrote short advice on how users …

Electron Bot Malware on Microsoft’s Official Store

Check Point Research (CPR) reports on a new kind of malware distributed via Microsoft’s official store. The new threat is capable of taking control of social media accounts on SoundCloud, Google and Facebook. The researchers report that the malware has already infected over 5000 active devices worldwide. It shows the ability to register new accounts, log in, make comments and even …

Say “no” to pixelation

If you think that the pixelated pictures on Instagram in which you show the internet public your newly obtained driver’s license don’t put you in danger, we have to warn you: some threat actors can “depixelate” the driver’s license info that you thought was thoroughly secured by the pixels. Dan Petro, Lead Researcher at Bishop Fox …

Google released February patches for Android

Shortly after Microsoft, Google also released February patches, but for Android devices. Specialists rate two of the patched vulnerabilities as critical. One of them allows for elevating rights on a system remotely without any user interaction. The other vulnerability that received critical status was found in one of Qualcomm’s closed-source components. What do those February patches for Android …

Gamaredon/ACTINIUM targets Ukrainian organizations

The Microsoft Threat Intelligence Center (MSTIC) recently shared on the Microsoft Security blog its report on ACTINIUM, a threat group that has been targeting Ukrainian organizations for almost a decade. “As with any observed nation-state actor activity, Microsoft directly notifies customers of online services that have been targeted or compromised, providing them with the information they need to secure their accounts,” …

What’s new in Google Chrome 98?

Google has just announced the release of a new version of its browser, Chrome 98, to the stable channel for Windows, Mac and Linux. The version will also be released to the company’s new extended channel for Windows and Mac. The rollout will take place over the coming days/weeks. Chrome 98.0.4758.80/81/82 for Windows and 98.0.4758.80 for Mac and …

The State of Healthcare IoT Device Security 2022

Cynerio, a company that provides healthcare facilities with its Healthcare IoT platform, recently published a report on the current state of connected medical device security in hospitals of all sizes. The company’s research report on the industry covers various crucial questions. The report also contains an executive summary and the background of the research. “For decades, patient care has seen …

Microsoft blocks Internet macros by default in Office

Microsoft has announced that it is introducing changes to its automation capabilities in Office, called active content (the most common kind is macros). Whereas users could previously enable them by clicking the corresponding button, they will now see a Learn more button, where they can learn about the possible danger the received files might present and what possible solutions might be applied to …

Zoom Zero-click Exploits explained by Project Zero

Natalie Silvanovich from Google’s Project Zero team recently published a post explaining the details of two vulnerabilities previously found and reported to Zoom. She gave an extensive analysis of a buffer overflow and an info leak vulnerability, both fixed on November 24, 2021. The first vulnerability affected both Zoom clients and MMR servers while the second one …

Telegram is the “choice of the year” for cybercriminals

Sixgill, an Israeli B2B cyber intelligence company that analyzes and monitors the deep web and dark web for threat intelligence, shared on its company blog its recent research into the depths of the Telegram criminal community. According to the specialists, Telegram, a freeware, cross-platform, cloud-based instant messaging (IM) service, became the real “choice of the year” for various kinds …

Europol targeted VPNlab.net, a major ransomware service

Europol, the law enforcement agency of the European Union (EU), not long ago announced the shutdown of one of the major VPN services actively used by cybercriminals for different purposes. On January 17 the joint forces of 10 countries, with Europol at the head, conducted the seizure or takedown of over 15 VPNlab.net servers in different countries. Cybercriminals …

Ukrainian organizations under malware attacks

On its blog, Microsoft reports on malware attacks that have recently defaced the sites of several Ukrainian government and other organizations. The team first detected the malware on January 13th, 2022. They have already notified all relevant government agencies in the United States and elsewhere, as well as the victims of the attack. The team shared all information available so far with other …

Investment domains for trading fake stocks and cryptocurrencies

At the beginning of 2021 experts from the CERT-GIB center saw a significant rise in the activity of fake investors. They say that over the past nine months the number of fraudulent domains grew to 163%. Group-IB specialists recorded more than 50 different schemes and 8 thousand domains of fraudulent investment projects related to the sale of shares and digital …

Top 10 most popular phishing scams of 2021

Analysts from Positive Technologies recently published a report discussing the most common types of phishing scam in 2021. They say that, with the rise of remote modes of work and the COVID-19 epidemic, the most popular themes included various scenarios. Scammers tried their hand at whatever is possible in the online world nowadays, and among them in particular …

Let the Facebook Pixel Hunt begin

Mozilla, a browser maker, recently announced its collaboration with a non-profit newsroom, Markup. The collective efforts of the two organizations will be directed towards research into a particular field of the internet that often remains overlooked by users, researchers and policymakers. This time, under the scrupulous eyes of specialists and journalists, the major social platform Facebook will receive its check. The …

Fix for the Microsoft Exchange year 2022 bug

Microsoft released a fix for the Exchange bug that disrupted email delivery on on-premises Microsoft Exchange servers. Right at the New Year, Exchange admins worldwide found that their servers couldn’t deliver emails. Instead the messages were queued and the Windows event log showed errors. For the time being Microsoft released a temporary fix. It will require users to …

If you knock on Strategically Aged Domains’ doors

Palo Alto Networks, an American cybersecurity company, does not waste any time even on holidays: two days before New Year it published quite informative research on strategically aged domains and the threats they pose. According to the post, such domains present an even greater risk than newly registered domains (NRDs). In comparison to the data received in the research, …

Volvo Cars cyber security breach

In its press release Volvo Cars, a Swedish multinational manufacturer of luxury vehicles headquartered in Torslanda, Gothenburg, reported illegal access to its file repositories by a third party. After the discovery of the breach, the company notified relevant authorities and undertook measures to prevent further access to its property. Immediately with the news of the data breach, shares …

Cryptbot hides in KMSPico

Cyber security specialists warn all pirated software enthusiasts to beware of Cryptbot infection. They detected an incident where this infostealer was dropped by a fake KMSPico installer. Hackers have applied different means to distribute the malware. Recently specialists observed its deployment via “cracked” software, and in particular threat actors disguised it as KMSPico. Along with this many organizations use illegitimate …

Magnat campaigns delivering fake installers

Cyber security specialists warn of waves of the malicious Magnat distribution campaign targeting potential users of some of the most popular software. Threat actors use malvertising methods to distribute their malicious software installer. The scheme is especially tricky because it predisposes its victims to a high degree of trust and a feeling of legitimacy. In malvertising threat actors use …

Apache Log4j Vulnerability explained by Google

On December 17th, 2021, the Google Open Source Insights Team explained on its blog the whole situation it observed concerning the Apache Log4j vulnerability. They described the widespread vulnerability and current progress in fixing the open source JVM ecosystem. The team also shared their thoughts on how long it will possibly take for this vulnerability to be fixed across the entire ecosystem and …

Major security test reveals vulnerabilities in all common Wi-Fi routers

How safe can Wi-Fi routers be? In a world where the Internet is another human habitat, who knows what can lurk there. And here comes your stronghold router. Editors from the German magazine Chip and experts from IoT Inspector have tested the most popular routers for vulnerabilities. The results exceeded expectations, in a negative way. Researchers have put to …

IKEA under attack of internal phishing campaign

IKEA, a Swedish-origin Dutch-headquartered multinational conglomerate, recently reported waves of an internal phishing campaign. Threat actors used compromised internal servers to send the company’s employees emails with malicious attachments. Cyber security specialists say hackers used similar techniques in recent campaigns spreading the Emotet and Qakbot trojans. The whole complexity of the situation suggests that there may be possible cyber security …
