Lucene search
K

180 matches found

The Hacker News
The Hacker News
added 2018/07/26 6:43 p.m.22 views

CoinVault Ransomware Authors Sentenced to 240 Hours of Community Service

Almost three years after the arrest of two young Dutch brothers, who pleaded guilty to their involvement in creating and distributing CoinVault ransomware malware, a district court in Rotterdam today sentenced them to 240 hours of community service. In 2015, the two suspects — Melvin 25-year-old...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2018/06/14 3:10 p.m.419 views

Chinese Hackers Carried Out Country-Level Watering Hole Attack

Cybersecurity researchers have uncovered an espionage campaign that has targeted a national data center of an unnamed central Asian country in order to conduct watering hole attacks. The campaign is believed to be active covertly since fall 2017 but was spotted in March by security researchers fr...

9.3CVSS0.6AI score0.99945EPSS
Exploits33
The Hacker News
The Hacker News
added 2018/06/07 3:51 p.m.119 views

Adobe Issues Patch for Actively Exploited Flash Player Zero-Day Exploit

If you have already uninstalled Flash player, well done! But if you haven't, here's another great reason for ditching it. Adobe has released a security patch update for a critical vulnerability in its Flash Player software that is actively being exploited in the wild by hackers in targeted attack...

10CVSS1.4AI score0.25353EPSS
Exploits0
Prion
Prion
added 2018/06/07 2:29 a.m.13 views

Design/Logic Flaw

The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry...

10CVSS9.5AI score0.01455EPSS
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2018/04/09 6:35 p.m.152 views

Word Attachment Delivers FormBook Malware, No Macros Required

A new wave of document attacks targeting inboxes do not require enabling macros in order for adversaries to trigger an infection chain that ultimately delivers FormBook malware. Researchers at Menlo Security are reporting a wave of attacks that began last month that are targeting financial and...

9.3CVSS0.5AI score0.99945EPSS
Exploits47References6
FireEye
FireEye
added 2017/11/28 7:0 p.m.10 views

Newly Observed Ursnif Variant Employs Malicious TLS Callback Technique to Achieve Process Injection

Introduction TLS Thread Local Storage callbacks are provided by the Windows operating system to support additional initialization and termination for per-thread data structures. As previously reported, malicious TLS callbacks, as an anti-analysis trick, have been observed for quite some time and...

7.5AI score
Exploits0References2
The Hacker News
The Hacker News
added 2017/11/20 6:13 a.m.16 views

BankBot Returns On Play Store – A Never Ending Android Malware Story

Even after so many efforts by Google for making its Play Store away from malware, shady apps somehow managed to fool its anti-malware protections and infect people with malicious software. A team of researchers from several security firms has uncovered two new malware campaigns targeting Google...

6.5AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/11/06 1:45 p.m.82 views

Mitigating and eliminating info-stealing Qakbot and Emotet in corporate networks

The threat to sensitive financial information is greater than ever. Data breaches, phishing attacks, and other forms of information theft are all too common in today’s threat landscape. Point-of-sale systems and ATMs have been targeted by hackers. Information-stealing trojans pose a risk to data...

6.7AI score
Exploits0
Veracode
Veracode
added 2017/11/01 6:40 a.m.19 views

System Compromise

npm-script-demo compromises the system. It is possible because the module can create an unauthorized connection to a command and control server when it is installed...

9.8CVSS9.2AI score0.01455EPSS
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2017/10/30 1:45 p.m.18 views

Malicious Chrome Extension Steals Data Posted to Any Website

Malicious browser extensions continue to bear fruit for hackers who have been using them to spread banking malware and adware, and hijacking popular add-ons to spread other nasty code. The latest abuse involves a Google Chrome extension being spread in phishing emails that steals any data posted...

0.1AI score
Exploits0References4
The Hacker News
The Hacker News
added 2017/09/26 2:52 a.m.239 views

First Android Malware Found Exploiting Dirty COW Linux Flaw to Gain Root Privileges

Nearly a year after the disclosure of the Dirty COW vulnerability that affected the Linux kernel, cybercriminals have started exploiting the vulnerability against Android users, researchers have warned. Publicly disclosed last year in October, Dirty COW was present in a section of the Linux...

7.2CVSS7.2AI score0.83524EPSS
Exploits85
Talos Blog
Talos Blog
added 2017/09/05 8:0 a.m.124 views

Graftor - But I Never Asked for This…

This post is authored by Holger Unterbrink and Matthew MolyettOverviewFree software often downloaded from large freeware distribution sites is a boon for the internet, providing users with functionality that otherwise they would not be able to use. Often users, happy that they are getting somethi...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2017/08/30 6:14 a.m.14 views

Gazer: A New Backdoor Targets Ministries and Embassies Worldwide

Security researchers at ESET have discovered a new malware campaign targeting consulates, ministries and embassies worldwide to spy on governments and diplomats. Active since 2016, the malware campaign is leveraging a new backdoor, dubbed Gazer, and is believed to be carried out by Turla advanced...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2017/08/28 3:44 p.m.18 views

Mobile WireX DDoS Botnet 'Neutralized' by Collaboration of Competitors

A collaboration between leading content delivery networks and technology companies—some of them competitors—is in the midst of shutting down the largest botnet of mobile devices ever recorded. The WireX botnet was detected on Aug. 17 after businesses in a number industries, most notably...

0.2AI score
Exploits0References2
Securelist
Securelist
added 2017/08/24 9:0 a.m.59 views

WAP-billing Trojan-Clickers on rise

During the preparation of the "IT threat evolution Q2 2017" report I found several common Trojans in the "Top 20 mobile malware programs" list that were stealing money from users using WAP-billing - a form of mobile payment that charges costs directly to the user's mobile phone bill so they don't...

7.3AI score
Exploits0
ThreatPost
ThreatPost
added 2017/06/20 2:27 p.m.94 views

UCL Ransomware Linked to AdGholas Malvertising Group

A ransomware attack that closed off access to personal and shared drives at University College London last week has been linked to a malvertising campaign spreading Mole, a variant of CryptoMix ransomware. Kafeine, a white-hat who works for Proofpoint and is known for his research into exploit...

10CVSS0.3AI score0.94354EPSS
Exploits16References4
The Hacker News
The Hacker News
added 2017/06/08 6:3 a.m.19 views

First Android-Rooting Trojan With Code Injection Ability Found On Google Play Store

A new Android-rooting malware with an ability to disable device’ security settings in an effort to perform malicious tasks in the background has been detected on the official Play Store. What's interesting? The app was smart enough to fool Google security mechanism by first pretending itself to b...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2017/05/29 3:14 a.m.33 views

Judy Android Malware Infects Over 36.5 Million Google Play Store Users

Security researchers have claimed to have discovered possibly the largest malware campaign on Google Play Store that has already infected around 36.5 million Android devices with malicious ad-click software. The security firm Checkpoint on Thursday published a blog post revealing more than 41...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2017/03/22 6:2 a.m.12 views

Hackers Using Fake Cellphone Towers to Spread Android Banking Trojan

Chinese Hackers have taken Smishing attack to the next level, using rogue cell phone towers to distribute Android banking malware via spoofed SMS messages. SMiShing — phishing attacks sent via SMS — is a type of attack wherein fraudsters use number spoofing attack to send convincing bogus message...

7AI score
Exploits0
n0where
n0where
added 2016/12/07 5:52 a.m.26 views

Powerful Extensible Wireless Drop Box: Pina Colada

Powerful Extensible Wireless Drop Box Pina Colada, a powerful and extensible wireless drop box, capable of performing a wide range of remote offensive attacks on a network. It can currently be controlled only via a command line interface, but a Command and Control remote server functionality is...

0.3AI score
Exploits0References2
Rows per page
Query Builder