The Organization of the Islamic Cooperation – Computer Emergency Response Team (OIC-CERT) has started its 9th Annual International Conference on the theme “Uncovering Future Threats” in Baku, AzerTAC reports. The organizer of the conference is the Special State Protection Service of the Republic of Azerbaijan, local partners are Delta Telecom LTD and Azinfosec, and foreign partners are May Cyer Technology, THALES and Videntifier companies. The...
Read More
An important milestone in the history of cryptomining happened around mid-September when a company called Coinhive launched a service that could mine for a digital currency known as Monero directly within a web browser. JavaScript-based mining is cross-platform compatible and works on all modern browsers. Indeed, just about anybody visiting a particular website can start mining for digital currency with eventual profits going to the owner’s wallet (in the...
Read More
Symantec has identified a previously unknown group called Sowbug that has been conducting highly targeted cyber attacks against organizations in South America and Southeast Asia and appears to be heavily focused on foreign policy institutions and diplomatic targets. Sowbug has been seen mounting classic espionage attacks by stealing documents from the organizations it infiltrates. Symantec saw the first evidence of Sowbug-related activity with the discovery...
Read More
Want to stop the latest cybercrime bogeyman? Then for the umpteenth time, put in place well-known and proven strategies for repelling online attacks. That’s one takeaway from a recent threat report issued by Britain’s National Cyber Security Center. Based on open source reporting, the alert calls out a trio of attack campaigns: phishing emails that pretend to be speeding tickets but which instead deliver malware; attackers using...
Read More
REDBALDKNIGHT, also known as BRONZE BUTLER and Tick, is a cyberespionage group known to target Japanese organizations such as government agencies (including defense) as well as those in biotechnology, electronics manufacturing, and industrial chemistry. Their campaigns employ the Daserf backdoor (detected by Trend Micro as BKDR_DASERF, otherwise known as Muirim and Nioupale) that has four main capabilities: execute shell commands, download and upload data, take screenshots, and log...
Read More
Banking Trojan একটি কম্পিউটার প্রোগ্রাম যা অনলাইন ব্যাঙ্কিং সিস্টেমগুলির মাধ্যমে সংগৃহীত এবং প্রক্রিয়াকৃত গোপনীয় তথ্যগুলিতে অ্যাক্সেস, এমনকি ব্যাংকের গোপনীয় তথ্য পাওয়ার জন্য ব্যবহৃত হয়। একটি ব্যাংকিং ট্রোজান ব্যবহারকারীর পিসি বা ওয়েব ব্রাউজার সংক্রমিত করার পরে এটি গোপনে বা সুপ্তভাবে তাদের অনলাইন ব্যাংকিং কার্যক্রম এর জন্য অপেক্ষা করে, এই ধরনের ট্রোজান কী-লগিং ব্যবহার করে অ্যাকাউন্ট ব্যবহারকারীর নাম, পাসওয়ার্ড ও বিভিন্ন তথ্য চুরি করে সাইবার অপরাধীদের কাছে...
Read More
Description: WordPress 4.8.3 is now available. This is a security release for all previous versions and it is strongly encouraged you to update your sites immediately. WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from...
Read More
The Internet of Things is riddled with security challenges. Cybercriminals know this too, and have often been quicker to take advantage of vulnerabilities than we have been to fix them. For instance, according to Fortinet’s Threat Landscape Report for the second quarter of 2017, 90% of organizations recorded attacks that targeted system and device vulnerabilities that were at least three years old, even though updates and patches had long...
Read More
Two weeks ago, a co-worker received a message in Facebook Messenger from his friend. Based on the message, it seemed that the sender was telling the recipient that he was part of a video in order to lure him into clicking it. The shortened link was initially redirecting to Youtube.com, but was later on changed to redirect to yet another shortened link – po.st: The...
Read More
European Union member states have drafted a diplomatic document which states serious cyber-attacks by a foreign nation could be construed as an act of war. The document, said to have been developed as a deterrent to provocations by the likes of Russia and North Korea, will state that member states may respond to online attacks with conventional weapons “in the gravest circumstances.” The framework on...
Read More
