The seven-year-old remote code execution vulnerability SambaCry was exploited by the SHELLBIND IoT malware to target NAS devices. A new strain of malware dubbed SHELLBIND exploits the recently patched CVE-2017-7494 Samba vulnerability in attacks against Internet of Things devices. SHELLBIND has infected most network-attached storage (NAS) appliances, it exploits the Samba vulnerability (also known as SambaCry and EternalRed) […]
Hacker steals $7 Million in Ethereum from CoinDash in just 3 minutes after the ICO launch. Attacker tricked investors into sending ETH to the wrong address. Cybercrime could be a profitable business, crooks stole $7 Million worth of Ethereum in just 3 minutes. The cyber heist was possible due to a ‘a simple trick.‘ Hackers have stolen the […]
Two CryptoMix Ransomware variants emerged in a few days, a circumstance that suggests the operators behind the threat are very active. Malwarebytesâ researcher Marcelo Rivero has spotted a new variant of the CryptoMix ransomware. #CryptoMix #Ransomware adds ext ".EXTE" to encrypted files, and the note "_HELP_INSTRUCTION.TXT" – md5: 1059676fbb9d811e88af96716cc1ffb5 pic.twitter.com/Ha4jeRMPEv — Marcelo Rivero (@MarceloRivero) July 13, […]
A Lithuanian court on Monday ruled the extradite of a man to the US to face charges of allegedly swindling $100M from Google and Facebook via email scam. A Lithuanian man who is allegedly responsible for a $100 million scam (roughly 87 million euros) from tech companies Google and Facebook will be extradited to the United States […]
Renato Marinho detailed an unusual SMS phishing campaign that hit Brazilian users. All started with an SMS message supposedly sent from his bank. Introduction Today I faced quite an unusual SMS phishing campaign here in Brazil. A friend of mine received an SMS message supposedly sent from his bank asking him to update his registration […]
Authorities shut down Alphabay, wondering which will be the marketplace that will reach the top and which will be the impact on the criminal ecosystem? AlphaBay was shut down by law enforcement and the alleged mastermind committed suicide in jail while waiting for the extradition to the US. The event will have a significant impact on […]
Did you receive a WhatsApp subscription ending email or text? Watch out! It is a scam to steal your payment and personal data. Researcher Graham Cluley is warning of bogus âWhatsApp subscription endingâ emails and texts. Internet users are receiving an email pretending to be from WhatsApp and warning them of the ending for an alleged WhatsApp […]
The number of cyber attacks against ATM involving so-called ‘insert skimmers’ is increasing. Bran Krebs wrote about recent attacks using infrared devices. The number of cyber attacks against ATM involving so-called ‘insert skimmers’ is increasing. Insert Skimmers are wafer-thin fraud devices designed to fit invisibly inside the ATM card slot. Insert Skimmers are able to capture card […]
The experts from Netskope Threat Research Labs discovered the Hackshit PhaaS platform, another interesting case of crimeware-as-a-service. A few days ago, we discussed the Katyusha scanner,a powerful and fully automated SQLi vulnerability scanner discovered by researchers at security firm Recorded Future that was available for $500 in the cyber crime underground. The Katyusha scanner is just one […]
Security experts at the SANS Institute discovered that that NemucodAES ransomware and Kovter trojan are being delivered together in spam campaigns. Security experts at the SANS Institute Internet Storm Center, discovered that that two malware families, NemucodAES and Kovter are being delivered together in .zip attachments delivered via active spam campaigns. Security Researcher Brad Duncan […]