While mobile ransomware such as the recent SLocker focuses on encrypting files on the victim’s devices, a new mobile ransomware named LeakerLocker taps into its victims’ worst fears by allegedly threatening to send personal data on a remote server and expose its contents to everyone on their contact lists.
Another case of pre-installed malware make the headlines, malware researchers at the Russian anti-virus firm Dr.Web have spotted the Triada Trojan in the firmware of several low-cost Android smartphones, including Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20. Experts speculate that threat actors compromised the supply chain infecting a small number of smartphones of the above models.
The researcher found that two cameras from Chinese gadget maker Shenzhen Neo Electronic have vulnerabilities that allow hackers to remotely access their video stream, or take full control of the cameras, opening up the possibility that someone could amass an an Internet of Things botnet of around 150,000 devices. Alex Balan, a researcher at security firm Bitdefender who found the flaw, told Motherboard that he...
Read More
Description: Google chrome before version 60.0.3112.78 for Windows, Mac, and Linux has multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. Impact: Attackers can exploit these issues to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html
Description: An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. An attacker must know the memory address location where the object was created. Impact: An attacker who exploited the vulnerability could use the information to compromise the user’s computer...
Read More
Description: A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference...
Read More
On July 27, 2017, in coordination with Luciano Martins, Director of Cyber Risk Services at Deloitte, Flashpoint observed a new version – “1000029” – of the formidable “Trickbot” banking Trojan with a new “worm64Dll” module, spread via the email spam vector, impersonating invoices from a large international financial institution.
Once a user has been phished, how long does it take for the phishers to misuse the stolen credentials? To discover the answer to that question and many others, Imperva researchers went undercover by creating 90 personal online accounts, including email and file sharing accounts with Google and Dropbox. Once the so-called honey pot accounts were active, the researchers deployed techniques to lure in the...
Read More
It’s normal for Android apps to download plugins. The main application might just be a “view folder” while plugins provide much of the functionality. It’s not so normal when one of those plugins tries to steal your SMS messages.
Description: Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or...
Read More
