Malboard is a new sophisticated attack developed by security researchers at Israeli Ben-Gurion University of the Negev (BGU). The attack involves a compromised USB keyboard to generate and send malicious keystrokes that mimic user behavior. What makes this attack sophisticated…
What is wtfsupport@airmail.cc ransomware? We received several reports regarding a new ransomware virus currently infecting users worldwide. The ransomware is most likely spread in malicious spam campaigns. We named it wtfsupport@airmail.cc ransomware virus (or wtfsupport@airmail.cc files virus) after one of…
What are .BAT files? How to open .BAT encrypted files? What is Dharma ransomware virus? How to remove Dharma and try restoring .BAT files? The .bat file extension is a suffix that is used by Dharma ransomware after it infects…
What is .muslat files virus? How to remove it from infected PC? Can .muslat files be recovered? Ransomware dubbed .muslat files virus has been detected in the wild. When started on a computer it interferes with main system settings and…
Emails delivering malware is not news but this campaign deserves attention because it uses a previously patched exploit and requires zero interaction. An active malware campaign which is using emails in European languages distributes RTF files that carry the CVE-2017-11882…
What are .heroset files? What is STOP ransomware? How to open .heroset encrypted files? How to remove STOP virus and try to restore data? The .heroset files are files, that are AES-256 encrypted as a result of a ransomware infection…
Security researcher SandboxEscaper has released the details of CVE-2019-0841, another zero-day affecting Windows 10 and Windows Server 2019. The details have been published on GitHUb and are now available in the same account with the previously disclosed eight zero-days. The…
CVE-2019-10149 is a critical security vulnerability in the Exim mail transfer agent (MTA) software. The flaw is located in Exim versions 4.87 to 4.91 included, and is described as improper validation of recipient address in deliver_message() function in /src/deliver.c which…
Can Courselfan.pro pop-ups affect your browser? Is Courselfan.pro a redirect? Does Courselfan.pro spam you with pop-up ads? How to remove Courselfan.pro redirect? Courselfan.pro is a malicious URL address used for the purposes of redirecting users to sites containing spam, advertisements…
GoldBrute is the name of a new botnet which is currently scanning the internet and attempting to locate poorly protected Windows machines with RDP (Remote Desktop Protocol) connection enabled. The botnet was discovered by security researcher Renato Marinho of Morphus…
The .{dresdent@protonmail.com}DDT ransomware is a new iteration of the Globe Imposter malware family seeking to infect as many users as possible. There is no information available about the hacking collective behind it at the moment. This may mean that the…
What are .poret files? What is .poret ransomware? How to remove the STOP ransomware virus? How to try and restore .poret encrypted files? The .poret files belong to a ransomware infection, called STOP ranosmware. They are AES-256 encrypted beyond recovery,…
What are .euclid files? What is .euclid ransomware virus? How to remove the Euclid ransomware and try to restore .euclid encrypted files? A new ransomware virus, using the .euclid file extension has recently been spotter. The ransomware uses the .euclid…
An unknown hacking group may have breached the Microsoft Outlook support agent service in a recent attack against the company. This has allowed the hackers to gain sensitive data about the users on the email platform — they were able…
A new report by Bromium titled Behind the Dark Net Black Mirror offers a detailed analysis of the dark net markets. The report has been carried out by Dr. Michael McGuire who will present his findings in full during the…
Is .pidon Files Virus part of the STOP ransomware family? What is .pidon Files Virus? Can files encrypted by .pidon Files Virus be recovered? .pidon extension is the latest one that STOP ransomware puts to the files it has encrypted.…
An unknown hacking collective is behind a massive phishing attack that involves the creation of a fake Cryptohopper website. This is a very popular cryptocurrency trading platform which is used by thousands of users. Any interaction with any of them…
Check Point security researchers revealed multiple critical vulnerabilities in a popular IPTV platform called Ministra. The vulnerabilities could allow attackers to bypass authentication and obtain users’ information. The impact of the vulnerabilities could be quite devastating. The research shows that…
What is .pidom Files Virus? Can files encrypted by .pidom Files Virus be recovered? .pidom extension is the latest one that STOP ransomware puts to the files it has encrypted. STOP or also called the .pidom Files Virus seems to…
The well-known RIG exploit kit is currently distributing the Buran ransomware, which is a version of Vega (VegaLocker) ransomware. A security researcher known as nao_sec was the first to notice a malvertising campaign redirecting users to the RIG EK which…
