Recent Comments



    Archive for Malware

    ‘Mathway’ app has been hacked – 25 million passwords stolen

    May 29th, 2020 by

    Scam alert: The popular ‘Mathway’ app has been hacked, resulting in 25 million stolen email address and passwords.

    Do you (or someone you know) use the hugely popular ‘Mathway’ app?

    If so, the email address and password you use with that app are now probably being sold on the dark web.

    Mathway is one of the world’s most popular educational apps, and according to ZDnet and other news sources 25 million Mathway users have had their login information stolen by hackers.”

    Posted in Malware, Security Breeches | No Comments »

    Zyxl patches Network Storage Devices

    February 25th, 2020 by

    Zyxel Fixes 0-day in Network Storage Devices

    “Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. “

    Posted in Malware, Network, Newsletters | No Comments »

    New Internet Explorer Security Flaw in the Wild

    January 19th, 2020 by

    Microsoft will fix an Internet Explorer security flaw under active attack

    “Microsoft has confirmed to TechCrunch that it will fix an Internet Explorer security exploit already being used for “limited targeted attacks.” The vulnerability lets attackers corrupt memory used for the scripting engine in IE9, IE10 and IE11 in a way that would let the intruder run arbitrary code with the same permissions as the user, letting them hijack a PC. It’s believed to be similar to the Firefox issue disclosed a week earlier.”

    Posted in Malware | No Comments »

    New and Nasty Phishing Attack

    January 8th, 2020 by

    Tricky Phish Angles for Persistence, Not Passwords

    “Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service. Anyone who takes the bait will inadvertently forward a digital token to the attackers that gives them indefinite access to the victim’s email, files and contacts — even after the victim has changed their password.”

    Posted in Malware, Phishing | No Comments »

    Ransomware shuts down a small company

    January 4th, 2020 by

    Company shuts down because of ransomware, leaves 300 without jobs just before holidays

    “An Arkansas-based telemarketing firm sent home more than 300 employees and told them to find new jobs after IT recovery efforts didn’t go according to plan following a ransomware incident that took place at the start of October 2019.”

    Posted in Malware, Ransomware | No Comments »

    Macy’s Suffers Data Breach

    November 19th, 2019 by

    Macy’s Suffers Data Breach by Magecart Cybercriminals

    “The department store Macy’s is warning that web skimmer malware was discovered on collecting customers’ payment card information. The attack has been linked to Magecart, a notorious umbrella group made up of various cybercriminal affiliates that is known for injecting payment card skimmers into ecommerce websites.”

    Posted in Malware, Security Breeches | No Comments »

    QNAP NAS devices infected with QSnatch malware

    November 3rd, 2019 by

    Thousands of QNAP NAS devices have been infected with the QSnatch malware

    Hackers have infected thousands of network-attached storage (NAS) devices from Taiwanese vendor QNAP with a new strain of malware named QSnatch

    An analysis of the malware’s code revealed the following capabilities:

    Modify OS timed jobs and scripts (cronjob, init scripts)
    Prevent future firmware updates by overwriting update source URLs
    Prevents the native QNAP MalwareRemover App from running
    Extracts and steals usernames and passwords for all NAS users

    Posted in Malware, Network | No Comments »

    Malware Analysis Report (AR19-304A)

    November 1st, 2019 by

    MAR-10135536-8 – North Korean Trojan: HOPLIGHT

    “This artifact is a malicious 32-bit Windows executable. When executed the malware will collect system information about the victim machine including OS Version, Volume Information, and System Time, as well as enumerate the system drives and partitions.

    The malware is capable of the following functions:

    —Begin Malware Capability—

    Read, Write, and Move Files
    Enumerate System Drives
    Create and Terminate Processes
    Inject into Running Processes
    Create, Start and Stop Services
    Modify Registry Settings
    Connect to a Remote Host
    Upload and Download Files”

    Posted in Identity Theft, Malware | No Comments »

    Security Mailer (2019 # 31)

    August 4th, 2019 by

    Security Mailer Volume 2019 Number 31

    • Cisco security advisorie
    • Linux update
    • Microsoft advisory update
    • General Security review of last week
      • iOS 0-day exploits released

    Posted in Malware, Newsletters, Updates | No Comments »

    New Malware sets up proxy for more malware

    August 4th, 2019 by

    New Windows malware sets up proxies on your PC to relay malicious traffic

    A new malware strain targeting Windows systems is rearing its ugly head. Named SystemBC, this malware installs a proxy on infected computers.

    The bad news is that SystemBC never comes alone, and usually, the presence of this malware indicates that a computer was also infected by a second threat.

    Posted in Malware | No Comments »

    « Previous Entries