Yomi implements detection for CurveBall exploits and also supports CVE-2020-0601 exploit detection even for signed Powershell modules. The recent CurveBall vulnerability shook the Info-Sec community worldwide: a major vulnerability reported directly by the US National Security Agency. Such uncommon vulnerability reporter alerted the whole Industry, CVE-2020-0601 quickly conquered most of the headlines. The reason for this unusual outreach […]
In a few days back, the MalwareMustDie teamâs security researcher unixfreaxjp has published a new Linux malware analysis of Fbot that has focused on the decryption of the last encryption logic used by its bot client. This is not the first time Fbot analysis has been published, and also Fbot binaries have been actively infecting […]
The US-based children’s clothing maker Hanna Andersson has disclosed a data breach that affected its customers. The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform. Like other Magecart attacks, crooks compromised the online store and injected a JavaScript code into checkout pages to […]
Attacks on Citrix servers are intensifying, one of the threat actors behind them is patching them and installing its own backdoor to lock out other attackers. Security experts are monitoring a spike in the number of attacks against Citrix servers after that researchers announced the availability online of proof-of-concept exploits for the CVE-2019-19781 flaw in Citrix NetScaler […]
I’m preparing the slides for my next speech and I decided to create this post while searching for interesting cybercrime statistics in 2020 Cybercrime will cost as much as $6 trillion annually by 2021. The global expense for organizations to protect their systems from cybercrime attacks will continue to grow. According to the Cybersecurity Venturesâ cybercrime statistics 2017 […]
The FBI has seized the WeLeakInfo.com websites for selling subscriptions to data that were exposed in data breaches. WeLeakInfo.com is a data breach notification service that allows its customers to verify if their credentials been compromised in data breaches. The service was claiming a database of over 12 billion records from over 10,000 data breaches. […]
Security experts from Sophos discovered 25 Android apps on the official Google Play that were involved in financial fraud, 600 million affected. Security researchers from Sophos discovered a set of so-called fleeceware apps that have been installed by more than 600 million Android users. Fleeceware apps are malicious applications uploaded to the official Google Play […]
The cybercrime group behind Satan ransomware and other malware seems to be involved in the development of a new threat named 5ss5c. The threat actors behind the Satan, DBGer and Lucky ransomware and likely Iron ransomware, is back with a new piece of malware named ‘5ss5c’. The Bart Blaze believes that the threat actors have […]
P&N Bank discloses data breach, customer account information, balances exposed The Australian P&N Bank is notifying its customers a data breach that has exposed personally identifiable information (PII) and sensitive account data. P&N Bank, a division of Police & Nurses Limited and operating in Western Australia, suffered a data breach and is reporting the incident […]
49 million user records from US data broker LimeLeads were available for sale on a hacking forum. 49 million user records from US data broker LimeLeads were available for sale on a hacking forum, the data were exposed on an Elasticsearch server. Exposed LimeLeads data contains full name, title, user email, employer/company name, company address, […]