Recent Comments



    Archive for Malware

    Yet another breach: Buca di Beppo

    March 30th, 2019 by

    Once more a malware installed on Point of Sale terminals…

    A Month After 2 Million Customer Cards Sold Online, Buca di Beppo Parent Admits Breach

    Posted in Identity Theft, Malware, Security Breeches | No Comments »

    Microsoft: Less Malware… More Phishing

    March 5th, 2019 by

    Microsoft Sees 250% Phishing Increase, Malware Decline by 34%

    “Phishing attacks have seen an impressive 250% increase between January and December 2018, with attackers moving to multiple points of attacks during the same campaign, switching between URLs, domains, and servers when sending e-mails and hosting phishing forms.”

    Posted in Identity Theft, Malware, Phishing | No Comments »

    DNS Infrastructure Hijacking Campaign

    January 25th, 2019 by

    Alert (AA19-024A) DNS Infrastructure Hijacking Campaign

    “The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization’s domain name resources resolve. This enables the attacker to redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an organization’s domain names, enabling man-in-the-middle attacks.”

    Posted in Malware, Scams, Security Breeches | No Comments »

    Your “free” VPN may be owned by the Chinese

    January 22nd, 2019 by

    Who’s Really Behind the World’s Most Popular Free VPNs?

    “Over half (59%) of the apps studied ultimately have Chinese ownership or are based in China, despite its strict ban on VPNs and its notorious internet surveillance regime. This raises questions about why these companies — which have such large international user bases — have been allowed to continue operating.”

    Posted in Malware | No Comments »

    WiFi firmware bug affects laptops, smartphones, routers, gaming devices

    January 20th, 2019 by

    WiFi firmware bug affects laptops, smartphones, routers, gaming devices

    List of impacted devices includes PS4, Xbox One, Samsung Chromebooks, and Microsoft Surface devices.

    Posted in Malware, Security Breeches | No Comments »

    Be careful with “Non-Delivery” notices from Office 365

    December 17th, 2018 by

    Phishing Attack Pretends to be a Office 365 Non-Delivery Email

    “A phishing campaign has been discovered that pretends to be a non-delivery notifications from Office 365 that leads you to a page attempting to steal your login credentails.

    This new campaign was discovered by ISC Handler Xavier Mertens and states that “Microsoft found Several Undelivered Messages”. It then prompts you to click on the “Send Again” link in order to try sending the emails again. “

    Posted in Malware, Phishing, Scams | No Comments »

    Links in Instant Messages? Don’t click on them!!!

    December 7th, 2018 by

    Scam alert: Beware hackers stealing Facebook passwords via malicious video links in instant messages

    “Bottom line: Protect both your Facebook account and your computer from hackers by refusing to click on links and videos that show up in your IM inbox out of the blue.”

    Posted in Identity Theft, Malware | No Comments »

    UEFI Malware Based on Lojack (2008)

    November 4th, 2018 by

    First UEFI malware discovered in wild is laptop security software hijacked by Russians

    Particularly nasty since it embeds itself in the firmware and will survive even a hard drive replacement!

    Posted in Malware | No Comments »

    Multiple D-Link Routers open to attack

    October 19th, 2018 by

    Multiple D-Link Routers Open to Complete Takeover with Simple Attack

    “Eight D-Link routers in the company’s small/home office “DWR” range are vulnerable to complete takeover – but the vendor said it is planning on only patching two, according to a researcher. Błażej Adamczyk of the Silesian University of Technology in Poland discovered the vulnerabilities in May, uncovering that they affect the DWR-111, DWR-116, DWR-140, DWR-512, DWR-640, DWR-712, DWR-912 and DWR-921 models. However, he claims that D-Link told him that only the DWR-116 and 111 would be patched, because the rest have reached end-of-life and will no longer be supported. However, D-Link hasn’t issued the two promised patches, so after warning the vendor in September that he would publicly disclose the flaws if they weren’t addressed within a month, Adamczyk has published his findings, along with a proof-of-concept video.”

    Posted in Hardware, Malware | No Comments »

    First UEFI Malware discovered

    October 3rd, 2018 by

    First UEFI malware discovered in wild is laptop security software hijacked by Russians

    “Dubbed “LoJax,” the malware is the first case of an attack leveraging the Unified Extensible Firmware Interface (UEFI) boot system being used in an attack by an adversary. And based on the way the malware was spread, it is highly likely that it was authored by the Sednit/Fancy Bear/APT 28 threat group—the Russian state-sponsored operation tied by US intelligence and law enforcement to the cyber-attack on the Democratic National Committee.”

    Posted in Malware, Security Breeches | No Comments »

    « Previous Entries