by CIRT Team
A new phishing scam on the rise: 30,100 USD has been made [source: 360totalsecurity]
Recently, a new form of phishing scam has been discovered. It uses the recipient’s real password to make victims mistakenly believe that their online data has been attacked by hackers. It is claimed that the victims have to meet the attackers’ demands; otherwise, a video of the victims visiting porn sites would be exposed. A few weeks ago, Vade Secure released a report,...
by CIRT Team
Cryptominer injection into RealNetworks website via Drupal vulnerability [360totalsecurity]
Recently, 360 Security Center discovered that attackers injected the CryptoMining script into the Chinese official website of the well-known provider of Internet streaming media, RealNetworks. When users open the official website of RealNetworks, it would cause high CPU usage, the processor would get hot, and the computer would be much slower. RealVideo and RealPlayer created by RealNetworks have been widely spread, so the number of...
by CIRT Team
Exobot Android Malware spreading via Google Play Store [source: threatfabric]
Context: Exobot Actor (nicknamed “android”) started a new Android bot rental service named Exobot v1 in June 2016. The malware in use was built to be able to target many banks with so-called overlay attacks (also known as injects). SfyLabs’ team analyzed and researched Exobot v1, which is covered in detail in our blog. After a year of successful campaign of Exobot v1, in May...
by CIRT Team
More than 200,000 MikroTik routers are infected by CryptoMining malware [360totalsecurity]
Recently, 360 Security Center discovered a malicious hijacking campaign against MikroTik routers, mainly using the zero-day vulnerability in the MikroTik router in April. It infected the routers using code that loads the browser-based cryptomining software by Coinhive. Hence, when users try to access the Internet through the MikroTik proxy, they will encounter an HTTP error since Coinhive’s JavaScript has been injected into web pages that users...
by CIRT Team
Will iPhone XS postpone its new release? [source: 360totalsecurity]
According to Taiwan media reports, on the evening of 3rd August, the largest iPhone chip supplier, Taiwan Semiconductor Manufacturing Co. (TSMC), was infected by WannaCry ransomware, and the production line was completely shut down. It is rumored that TSMC was attacked by hackers, but TSMC officially confirmed that some production equipment was infected by WannaCry ransomware. The company has controlled the scope of the...
by CIRT Team
Four Giants Introduce the Data Transfer Project: Consumer Data Portability [source: microsoft]
As we progress further into the era of the intelligent cloud and all its potential applications, Microsoft recognizes that people will only use technologies they trust – and that they can control. This is at the heart of Microsoft’s recent commitments to extend rights that are at the heart of GDPR to all of our consumer customers worldwide, and drives the design of our privacy dashboard to give users...
by CIRT Team
Hacking WiFi Password in a few steps using a new attack on WPA/WPA2 [source: securityaffairs]
The security researcher Jens ‘Atom’ Steube, lead developer of the popular password-cracking tool Hashcat, has devised a new WiFi hacking technique that could be exploited to easily crack WiFi passwords of most modern routers. The new WiFi hacking technique allows cracking WPA/WPA2 wireless network protocols...
by CIRT Team
Emotet Malware [source: us-cert]
Systems Affected: Network Systems. Overview: Emotet is an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware affecting state, local, tribal, and territorial (SLTT) governments, and the private and public sectors. This joint Technical Alert (TA) is the result of Multi-State Information Sharing & Analysis Center (MS-ISAC)...
by CIRT Team
Malicious Macro Hijacks Windows Desktop Shortcuts [source: gbhackers]
Cybercriminals are using a malicious macro that changes the target of desktop shortcuts to download malware; when the user clicks on the altered shortcut file, the malware executes. With this new campaign, attackers used common tools like WinRAR and Ammyy Admin to gather information instead of their own tools. Security researchers from Trend Micro uncovered the new campaign; the malware and macro are not sophisticated and researchers...
by CIRT Team
Protecting Yourself on Social Networks [source: ssd.eff]
Social networks are among the most popular websites on the Internet. Facebook has over a billion users, and Instagram and Twitter have hundreds of millions of users each. Social networks were generally built on the idea of sharing posts, photographs, and personal information. Now they have also become forums for organizing and speech. Any of these activities can rely on privacy and pseudonymity. Thus, the...