A security researcher from Vertek Corporation reported to Bleeping Computer that over 43 million email addresses have been leaked from the command and control server of a spam botnet. An expert from Vertek Corporation spotted the C&C server while investigating a recent malware campaign distributing a version of the Trik trojan. The malicious code was used as a first-stage malware […]
Retailer Dixons Carphone has disclosed a security breach that involved 5.9 million payment cards and 1.2 million personal data records. Dixons Carphone discovered an “unauthorised access” to certain data held by the company, it promptly launched an investigation and hired an external firm to shed the light on the case. The company immediately reported the […]
Fortinet discovered PyRoMineIoT, a new strain of crypto-currency miner that exploits the NSA-linked EternalRomance exploit to spread. PyRoMineIoT is a new strain of crypto-currency miner that exploits the NSA-linked EternalRomance remote code execution exploit to spread, the malware also abuses infected machines to scan for vulnerable Internet of Things (IoT) devices. PyRoMineIoT is quite similar to another crypto-currency miner dubbed PyRoMine that was […]
Microsoft issued Patch Tuesday updates for June 2018 that address a total of 50 vulnerabilities, 11 of which are critical remote code execution flaws. Microsoft issued Patch Tuesday updates for June 2018 that address a total of 50 flaws, 11 critical remote code execution vulnerabilities and 39 issues rated as important. The tech giant also issued some mitigations […]
North Korea-linked Lazarus APT group planted an ActiveX zero-day exploit on the website of a South Korean think tank focused on national security. According to researchers at AlienVault, North Korea-linked hackers planted an ActiveX zero-day vulnerability on the website of a South Korean think tank focused on national security. The experts attributed the attack to the notorious Lazarus APT group […]
VMware has found a critical remote code execution vulnerability in the AirWatch Agent applications for Android and Windows Mobile. The agent is installed by users on a mobile device in order to allow the AirWatch to manage it. The flaw, tracked as CVE-2018-6968, âmay allow for unauthorized creation and execution of files in the Agent sandbox […]
US authorities announced the arrest of 74 individuals as part of an international law enforcement operation dubbed ‘operation WireWire’ targeting BEC scams. On Monday, the U.S. authorities announced the arrest of 74 individuals as part of an international law enforcement operation dubbed ‘operation WireWire’ targeting business email compromise (BEC) scams. The authorities conducted the investigation for over […]
Fortinet recently observed a series of cyber-attacks targeting Russian service centers offering maintenance and support for various electronic goods. Security researchers from Fortinet have recently spotted a series of cyber-attacks targeting Russian service centers offering maintenance and support for various electronic goods. Experts highlighted the hackers conducted multi-stage attacks but excluded the involvement of a nation-state […]
Cybercriminal group has managed to steal a total of 38,642 Ether, worth more than $20,500,000, from clients exposing the unsecured interface on port 8545. Cybercriminals have raked over 20 million dollars in the past few months by hijacking poorly configured Ethereum nodes exposed online are continuing their operations. In March, security experts from Qihoo 360 Netlab […]
According to former GCHQ chief, the recently discovered VPNFilter botnet is the demonstration that Russia appears to be live-testing cyberattacks. Former GCHQ chief Robert Hannigan has warned that the availability of hacking tools in the main marketplaces is rapidly changing the threat landscape. Hannigan served as the director of the UK intelligence agency between November 2014 until January 2017. Threat actors have an […]