Billions of Bluetooth-enabled devices are exposed to a number of recently discovered vulnerabilities that allow a hacker to access and take control of devices, install malware and undertake other malicious activities, according to newly published research. Discovered by security firm Armis Labs Inc. and dubbed “BlueBorne,” the vulnerability affects major mobile, desktop, and IoT operating systems, including Android, iOS, Windows and Linux. It’s spread over the air and...
Read More
Security researchers Dylan Katz and Victor Gevers confirmed other 26,000 MongoDB servers were hit in a new wave of ransom attacks. Ransom attacks on MongoDB databases revamped over the weekend after an apparent pause. According to the security researchers Dylan Katz and Victor Gevers, three new groups appeared on the threat landscape and hijacked over 26,000 servers, one of them, in particular, is responsible for hijacking 22,000 machines. EMAIL ADDRESS VICTIMS RANSOM...
Read More
Over the past two days, there was an increase in activity from a relatively unknown ransomware strain named SynAck, according to victims who sought assistance in the Bleeping Computer ransomware support forums and from submissions to the ID-Ransomware service. This particular ransomware strain — named SynAck or Syn Ack — was first spotted on August 3 and experts quickly determined that they were looking at a...
Read More
The energy sector in Europe and North America is being targeted by a new wave of cyber attacks that could provide attackers with the means to severely disrupt affected operations. The group behind these attacks is known as Dragonfly. The group has been in operation since at least 2011 but has re-emerged over the past two years from a quiet period following exposure by Symantec and a...
Read More
Cloud-based storage platforms have a history of cybercriminal abuse, from hosting malicious files and directly delivering malware to even making them part of a command-and-control (C&C) infrastructure. GitHub was misused this way when the Winnti group used it as a conduit for its C&C communications. We saw a similar—albeit a lot simpler and less creative—attack on Autodesk® A360, comparable to the way file-sharing sites are being used to host...
Read More
