June 8th, 2019 by hankshelp
Yet another reason why I never, ever, click on an “Ad” from a Google search…
“f you are planning on doing any shopping over the weekend, you may want to be careful when doing searches in Google. This is because scammers have infiltrated Google’s ad network to redirect users to tech support scams when they click on popular search terms such as Lowes and PayPal.
A security research recently told BleepingComputer about a new malvertising campaign that is causing searches for the keyword “Lowes” to redirect a user to a tech support scam.“
Posted in Identity Theft, Malware | No Comments »
May 27th, 2019 by hankshelp
Executive summary
Over the past week, starting on Tuesday, May 21, a security researcher publicly disclosed multiple elevation-of-privilege vulnerabilities by posting proof-of-concept code on GitHub. Successful exploitation of these vulnerabilities requires an attacker to already have code execution.
At the time of publication, the researcher has released five sets of proof-of-concept code, including exploits for four zero-day vulnerabilities, all affecting different Windows components. The fifth proof-of-concept code targeted a vulnerability (CVE-2019-0863) that was addressed in May 2019.
Microsoft is actively preparing a host of protections to detect and stop known exploitation methods. Customers are advised to review the listed mitigations. Ensure your antimalware products are up-to-date and turn on automatic updates so that security updates are promptly deployed as soon as they become available.
At the time of publication, there are no active attacks in the wild exploiting the disclosed vulnerabilities.
Posted in Malware | No Comments »
May 15th, 2019 by hankshelp
“Attackers have been exploiting a vulnerability in WhatsApp that allowed them to infect phones with advanced spyware made by Israeli developer NSO Group, the Financial Times reported on Monday, citing the company and a spyware technology dealer.”
“WhatsApp said the fix on Friday was made to the company’s servers and was aimed at preventing attacks from working. The company released a patch for end users on Monday. “
Posted in Identity Theft, Malware | No Comments »
May 6th, 2019 by hankshelp
“Don’t try to respond by phone or email, all you will do is end up with an innocent person or company who have had their details spoofed and picked at random from a long list that the bad guys have previously found. The bad guys choose companies, Government departments and organisations with subjects that are designed to entice you or alarm you into blindly opening the attachment or clicking the link in the email to see what is happening. “
Posted in Identity Theft, Malware, Scams | No Comments »
April 28th, 2019 by hankshelp
Yet another reason to avoid so-called “Cleaners” for Windows. First off, I don’t trust things that will “automatically” make changes to my PC without my knowing exactly what they are doing. Yet these programs keep showing up, even advertised on-line as well as on TV.
“Researchers have discovered a web site pushing a PC cleaner tool for Windows that in reality is just a front for the Azorult password and information stealing Trojan.
AZORult is a trojan that when installed attempts to steal a user’s browser passwords, FTP client passwords, cryptocurrency wallets, desktop files, and much more.
Instead of renting distribution methods such as spam, exploit kits, or being dropped by other trojans, the attackers decided to create a fake Windows utility and an accompanying web site to distribute the trojan instead.“
Posted in Identity Theft, Malware, Scams | No Comments »
March 30th, 2019 by hankshelp
Once more a malware installed on Point of Sale terminals…
Posted in Identity Theft, Malware, Security Breeches | No Comments »
March 5th, 2019 by hankshelp
“Phishing attacks have seen an impressive 250% increase between January and December 2018, with attackers moving to multiple points of attacks during the same campaign, switching between URLs, domains, and servers when sending e-mails and hosting phishing forms.”
Posted in Identity Theft, Malware, Phishing | No Comments »
January 25th, 2019 by hankshelp
“The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization’s domain name resources resolve. This enables the attacker to redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an organization’s domain names, enabling man-in-the-middle attacks.”
Posted in Malware, Scams, Security Breeches | No Comments »
January 22nd, 2019 by hankshelp
“Over half (59%) of the apps studied ultimately have Chinese ownership or are based in China, despite its strict ban on VPNs and its notorious internet surveillance regime. This raises questions about why these companies — which have such large international user bases — have been allowed to continue operating.”
Posted in Malware | No Comments »
January 20th, 2019 by hankshelp
List of impacted devices includes PS4, Xbox One, Samsung Chromebooks, and Microsoft Surface devices.
Posted in Malware, Security Breeches | No Comments »