Security experts are warning some “Quit Smoking” and “20 Minute Fat Loss” ads online are delivering more than sales pitches. According to researchers at Zscaler, ads are redirecting browsers to malicious landing pages hosting the Terror exploit kit. The campaigns have been sustained, with the initial blast spotted on Sept. 1 and lasting through Oct. 23. “Terror EK activity has been low throughout the year...
Read More
Last October, the internet broke, or stuttered, depending on who you ask. One year later, those vulnerabilities remain and a year from now, connectivity will still be at the mercy of attackers. DDoS attacks have become commonplace, but that doesn’t limit the potential negative impact on businesses. In a domain analysis of the top 100 U.S. websites — which includes companies like Netflix, Twitter, YouTube, Reddit, Amazon.com and...
Read More
Lately we have been seeing a new variant of Android banking malware which is well-developed and provides numerous unique features such as a ransomware module. Based on the BTC addresses that are used in the source code it seems that the actors behind this new Android malware are successful cybercriminals with over 1.5 million dollars in BTC. It is very unlikely that the actors behind...
Read More
After last week we had the KRACK and ROCA cryptographic attacks, this week has gotten off to a similarly “great” start with the publication of a new crypto attack known as DUHK (Don’t Use Hard-coded Keys). The issue at the heart of the DUHK attack is a combination of two main factors. The first is the usage of the ANSI X9.31 Random Number Generator (RNG). This is an algorithm...
Read More
Security researchers have spotted a new Android banking trojan named LokiBot that turns into ransomware and locks users’ phones when they try to remove its admin privileges. The malware is more banking trojan than ransomware — according to SfyLabs researchers, the ones who discovered it — and is used for this purpose primarily. Just like similar Android banking trojans, LokiBot works by showing fake login...
Read More