    Archive for Malware

    Macy’s Suffers Data Breach

    November 19th, 2019 by

    Macy’s Suffers Data Breach by Magecart Cybercriminals

    “The department store Macy’s is warning that web skimmer malware was discovered on Macys.com collecting customers’ payment card information. The attack has been linked to Magecart, a notorious umbrella group made up of various cybercriminal affiliates that is known for injecting payment card skimmers into ecommerce websites.”

    Posted in Malware, Security Breeches | No Comments »

    QNAP NAS devices infected with QSnatch malware

    November 3rd, 2019 by

    Thousands of QNAP NAS devices have been infected with the QSnatch malware

    Hackers have infected thousands of network-attached storage (NAS) devices from Taiwanese vendor QNAP with a new strain of malware named QSnatch.

    An analysis of the malware’s code revealed the following capabilities:

    • Modify OS timed jobs and scripts (cronjob, init scripts)
    • Prevent future firmware updates by overwriting update source URLs
    • Prevent the native QNAP MalwareRemover App from running
    • Extract and steal usernames and passwords for all NAS users

    Posted in Malware, Network | No Comments »

    Malware Analysis Report (AR19-304A)

    November 1st, 2019 by

    MAR-10135536-8 – North Korean Trojan: HOPLIGHT

    “This artifact is a malicious 32-bit Windows executable. When executed the malware will collect system information about the victim machine including OS Version, Volume Information, and System Time, as well as enumerate the system drives and partitions.

    The malware is capable of the following functions:

    —Begin Malware Capability—

    • Read, Write, and Move Files
    • Enumerate System Drives
    • Create and Terminate Processes
    • Inject into Running Processes
    • Create, Start and Stop Services
    • Modify Registry Settings
    • Connect to a Remote Host
    • Upload and Download Files”

    Posted in Identity Theft, Malware | No Comments »

    Security Mailer (2019 # 31)

    August 4th, 2019 by

    Security Mailer Volume 2019 Number 31

    • Cisco security advisories
    • Linux update
    • Microsoft advisory update
    • General Security review of last week
      • iOS 0-day exploits released

    Posted in Malware, Newsletters, Updates | No Comments »

    New Malware sets up proxy for more malware

    August 4th, 2019 by

    New Windows malware sets up proxies on your PC to relay malicious traffic

    A new malware strain targeting Windows systems is rearing its ugly head. Named SystemBC, this malware installs a proxy on infected computers.

    The bad news is that SystemBC never comes alone, and usually, the presence of this malware indicates that a computer was also infected by a second threat.

    Posted in Malware | No Comments »

    Russian meddling in social media and email accounts used by election officials

    July 26th, 2019 by

    The Unsexy Threat to Election Security

    “Much has been written about the need to further secure our elections, from ensuring the integrity of voting machines to combating fake news. But according to a report quietly issued by a California grand jury this week, more attention needs to be paid to securing social media and email accounts used by election officials at the state and local level.”

    Posted in Malware, Newsletters, Security Breeches | No Comments »

    Some HP machines may have a keylogger installed

    July 22nd, 2019 by

    Some HP machines have a keylogger installed with the Audio Driver, here’s how to disable it

    The keylogger, packaged with the Conexant HD Audio Driver Package in version 1.0.0.46 and earlier, has been discovered by researchers. With this audio driver comes a file, MicTray64.exe (or MicTray.exe for non-64-bit users), which has a Scheduled Task to run each time the user logs on to their machine. Essentially, each time a key on the keyboard is pressed, it records it. The keystrokes are then stored in a plaintext file – definitely not a secure way of storing every key pressed on a machine.

    The keystroke log is stored at C:\users\public\MicTray.log.

    Posted in Malware, Security Breeches | No Comments »

    Have QuickBooks in the cloud? Not a good situation!!

    July 20th, 2019 by

    QuickBooks Cloud Hosting Firm iNSYNQ Hit in Ransomware Attack

    “Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days. Unfortunately for iNSYNQ, the company appears to be turning a deaf ear to the increasingly anxious cries from its users for more information about the incident.”

    Posted in Malware, Security Breeches | No Comments »

    Dell’s SupportAssist utility has a significant security flaw

    June 22nd, 2019 by

    Security Flaw in Pre-Installed Dell Support Software Affects Millions of Computers

    “Dell’s SupportAssist utility that comes pre-installed on millions of Dell laptops and PCs contains a security vulnerability that could allow malicious software or rogue logged-in users to escalate their privileges to administrator-level and access sensitive information.”

    Posted in Malware | No Comments »

    Tech Support Scams in Google Search Ads

    June 8th, 2019 by

    Google Search Ads Infiltrated Again by Tech Support Scam

    Yet another reason why I never, ever, click on an “Ad” from a Google search…

    If you are planning on doing any shopping over the weekend, you may want to be careful when doing searches in Google. This is because scammers have infiltrated Google’s ad network to redirect users to tech support scams when they click on popular search terms such as Lowes and PayPal.

    A security researcher recently told BleepingComputer about a new malvertising campaign that is causing searches for the keyword “Lowes” to redirect a user to a tech support scam.

    Posted in Identity Theft, Malware | No Comments »
