Author Archives: CIRT Team




in News Clipping

PoS Malware Steals Credit Card Data via DNS Requests [source: bleepingcomputer]

Malware hunters from US security firm Forcepoint have stumbled across a new strain of Point of Sale (PoS) malware, the second such type of PoS malware that hides stolen credit/debit card information inside DNS requests. The first PoS malware seen employing this technique was a lesser-known version of the NewPosThings PoS malware, named MULTIGRAIN, discovered in April 2016 by fellow US cyber-security...

11 Feb 2018
in News Clipping

SECaaS Is Where It’s At: Why Security-as-a-Service Is the Next Big Thing [source: securityintelligence]

In our personal lives, we consume a huge number of services on demand, from music and television to travel and food. As consumers, we expect to be able to access services monthly, paying only for what we need and leaving the complicated details, such as owning physical assets, upgrading software and making improvements, to the experts. It makes sense that business leaders are beginning to...

11 Feb 2018
in News Clipping

When crypto-mining malware hits a SCADA network [source: helpnetsecurity]

Stealthy crypto-mining is on track to surpass ransomware as cybercriminals’ most favorite money-making option, and companies with computers and servers that run all day and night long are the preferred targets. This could be more than just a nuisance to the companies – it could seriously affect business operations and render some companies unable to operate for days and even weeks. In some instances, namely when the...

11 Feb 2018
in News Clipping

New 0-Day Ransomware Evades Microsoft, Google Cloud Malware Detection [source: darkreading]

Shurl0ckr, a form of Gojdue ransomware, was not detected on SharePoint or Google Drive. Google Drive and Microsoft Office 365, both of which have built-in malware protection, failed to identify a new form of Gojdue ransomware dubbed Shurl0ckr. The zero-day ransomware evaded most major antivirus platforms: only seven percent of 67 tested tools detected it. Researchers on the Bitglass Threat Research Team discovered Shurl0ckr during...

11 Feb 2018
in Security Advisories & Alerts

Critical Alert: Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution

Description: Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution within the context of a privileged...

11 Feb 2018
in News Clipping

Scammers Use Download Bombs to Freeze Chrome Browsers on Shady Sites [source: bleepingcomputer]

The operators of some tech support scam websites have found a new trick to block visitors on their shady sites and scare non-technical users into paying for unneeded software or servicing fees. The trick relies on using JavaScript code loaded on these malicious pages to initiate thousands of file download operations that quickly take up the user’s memory resources, freezing Chrome on the scammer’s site....

08 Feb 2018
in News Clipping

Researcher Bypasses Windows Controlled Folder Access[source: bleepingcomputer]

A security researcher has found a way to bypass the “Controlled Folder Access” feature added in Windows 10 in October 2017, which Microsoft has touted as a reliable anti-ransomware defensive measure. This feature, described in more depth in this Bleeping Computer review, is part of the Windows Defender antivirus built into all versions of Windows 10. Users who updated to the Windows 10 Fall Creators Update...

08 Feb 2018
in News Clipping

How To Remove Malware & Viruses From Android Phones (Oreo Version) [source: pixelprivacy]

HummingBad malware infected over 10 million Android devices in the summer of 2016. The malware was capable of taking over an Android smartphone or tablet, stealing and selling a device’s user information, and downloading and installing unauthorized apps. Also in 2016, Mazar malware is downloaded when users click on an innocent-looking link designed to look like a multimedia message. When unsuspecting Android users click on the link, it installs...

08 Feb 2018
in News Clipping

All Ledger hardware wallets vulnerable to man in the middle attack [source: hackread]

The Ledger hardware wallet, currently operating in the cryptocurrency market, is vulnerable to cyber attacks. The vulnerability, identified by unknown security researchers in every single hardware wallet, allows cybercriminals to show fraudulent addresses to Ledger users/customers. When funds are requested to these addresses, the cryptocurrency is transferred to the attacker’s wallet instead of the user’s. Needless to say that the user will end...

08 Feb 2018
in News Clipping

Tips to Prevent WordPress Hacks in this Dangerous Digital World [source: securityaffairs]

WordPress hacks are increasingly common. Whether it’s for malicious reasons, to harm a site or to just insert backlinks, WordPress can be very vulnerable if not cared for and updated regularly. How to Prevent hacks? So, how do you prevent these security blips – this post aims to show how. Backup Regular data backup can save you lots of frustration and headache, and especially after...

08 Feb 2018