Phorpiex is a well-known malware that has been operating at least since 2016, initially known as a botnet using the IRC protocol. A couple of years later, the botnet’s infrastructure changed to Tldr – a loader controlled via HTTP. The…
Meta, formerly Facebook, is adding scraping attacks to its bug bounty program, according to a statement the company made. Scraping is an issue that Facebook has been struggling with in the past. Because of this, two areas of research for…
DarkWatchman is the name of a new JavaScript-based remote access trojan (RAT). Currently, the RAT is being distributed in the wild via malicious emails. The malware uses the domain generation algorithm (DGA) technique to identify its Command and Control (C2)…
Khonsari is a novel ransomware family currently attempting to exploit the critical Apache Log4j vulnerability, also known as CVE-2021-44228, Log4Shell and Logjam. Apache Log4j Vulnerability: CVE-2021-44228 According to the National Vulnerability Database, “Apache Log4j2
Censorship has reached another level in Russia with the country’s decision to fully ban access to the Tor network. In addition to Tor, six other virtual network providers (VPNs) were banned in an attempt to control the internet and prevent…
A cryptocurrency support scam bot that was discovered in May has now evolved. As a result, more cryptocurrency users are targeted. How Does the Cryptocurrency Support Scam Bot Operate? How does the scam operate? Scammers closely monitor all tweets that…
A new ransomware-as-a-service player has been detected by Recorded Future and MalwareHunterTeam on two underground forums. Known as ALPVH and BlackCat, the ransomware group is the first to use Rust, The Record reported. This is the third ransomware strain to…
What is the current state of identify fraud, and where is this cybercrime trend headed in 2022? The state of identity fraud According to a new report by Onfido, identity fraud has increased with 44% since 2019. Since more businesses…
Glupteba is a well-known cryptocurrency mining trojan operating that has been active for a few years. The mining operation has now been disrupted, thanks to a coordinated effort by Google and Cloudflare. According to Google’s announcement, the company “has taken…
A new malvertising campaign has been detected in the wild. The campaign’s purpose is tricking potential victims into executing fake software installers of popular programs, and eventually download an infostealer, a backdoor and a malicious Chrome extension. The discovery comes…
A new data stealing malware has been detected just in time for Christmas and all the related online shopping. It seems that the trend of data stealers directly compromising servers is continuing. CronRAT is another such server-side malware, which was…
CVE-2021-42367 is a security vulnerability in the “Variation Swatches for WooCommerce” WordPress plugin. The plugin, which works as WooCommerce extension, has more than 80,000 active installations. CVE-2021-42367 Vulnerability in Variation Swatches for WooCommerce Plugin The vulnerability could enable an attacker…
A new botnet, called EwDoor, was detected in the wild while performing DDoS attacks. The attacks were targeting an unpatched 4-year-old flaw (CVE-2017-6079) in Ribbon Communications EgdgeMarc appliances that belong to telecom providers AT&T. EwDoor was first detected on Ocboter…
Printing Shellz is the name of a new set of security vulnerabilities that affect 150 different HP multifunction printers (MFPs). The flaws could be leveraged to takeover exposed devices, steal sensitive information, and sneak into enterprise networks to lay the…
CVE-2021-24084 is an improperly patched Windows security vulnerability that could cause information disclosure and local privilege escalation. The flaw is located in the Windows Mobile Device Management component, and could grant unauthorized filesystem access and read arbitrary files. Another Improperly…
The ever-growing market value of cryptocurrency, now estimated at over $2.5 trillion, has been attracting cybercriminals over the years. The digital currency has been of great help in monetizing ransom payments, but has many more other sides that are lucrative…
What Is CronRAT? CronRAT is a new sophisticated malware threat of the remote access trojan type, discovered just before this year’s Black Friday. The malware is packed with previously unseen stealth capabilities. It hides in the Linux calendar system on…
CVE-2021-41379 is an elevation-of-privilege vulnerability which Microsoft fixed earlier this month. However, it turns out that there is another, “more powerful” variant, discovered by security researcher Abdelhamid Naceri. He came across a Windows Installer EoP flaw patched by Microsoft several…
Widely used Taiwanese MediaTek system-on-chips (SoCs) contain multiple vulnerabilities, according to Check Point researchers. The chips are deployed in approximately 37% of all smartphones and IoT devices worldwide, including models by Xiaomi, Oppo, Realme, Vivo. Widely Used MediaTek SoCs Contain…
Another enormous cybersecurity incident has hit domain registrar GoDaddy. The large-scale data breach is the fifth “injury” the company has had since 2018. This time, 1.2 million GoDaddy customers were affected, after an unauthorized third-party successfully infiltrated its systems on…
