Researchers have discovered another technique cyber criminals can use to take over your computer. The zero-day attack called DoubleAgent exploits Microsoft's Application Verifier tool, which developers use to detect and fix bugs in their apps.
Developers have to load a DLL into their applications to check them, and researchers found that hackers can use the tool to inject their own DLLs instead of the one Microsoft provides. The team proved that the technique can be used to hijack anti-virus applications and turn them into malware. The corrupted app can then be used to take control of computers running any version of Windows.
A security vulnerability in Windows 10 Mobile allows anyone to bypass the security code and access the photo gallery on a device running either production or preview builds shipped as part of the Windows Insider program.
While at the moment it looks like the latest Windows 10 Mobile Redstone 2 preview builds are not affected by the flaw, WindowsTeam reports that pretty much anyone can bypass the passcode using just a few simple steps that eventually provide access to photos. To exploit the bug, all you have to do is open the camera while the device is still locked using the camera shortcut on the lock screen, take a photo and then open it using the little thumbnail in the lower left corner.
The Shadow Brokers, who previously stole and leaked a portion of the NSA hacking tools and exploits, is back with a bang!
The hacking group is now selling another package of hacking tools, “Equation Group Windows Warez,” which includes Windows exploits and antivirus bypass tools, stolen from the NSA-linked hacking unit, The Equation Group. The Shadow Brokers is a notorious group of black-hat hackers who, in August 2016, leaked exploits, security vulnerabilities, and "powerful espionage tools" created by The Equation Group. On Saturday, the Shadow Brokers announced the sale of the entire "Windows Warez" collection.
There's a zero-day exploit in the wild that's being used to execute malicious code on the computers of people using Tor and possibly other users of the Firefox browser. According to security researchers who analyzed the code, it exploits a memory corruption vulnerability that allows malicious code to be executed on computers running Windows.
The malicious payload it delivers is almost identical to one that was used in 2013 to deanonymize people visiting a Tor-shielded child pornography site. The FBI ultimately acknowledged responsibility for the exploit, which was embedded in webpages served by a service known as Freedom Hosting.
One of the most recent support call scams involves Microsoft’s Security Essentials, the free antivirus solution that the company is offering to users of Windows 7 or older Windows versions.
The company published a warning to explain that this fake Microsoft Security Essentials antivirus is actually a scam whose only goal is to convince you that there’s something wrong with your PC so that you pay for fake repairs. Once installed, the fake package generates a Blue Screen of Death, which once again contains elements proving it’s all just a malicious attempt to steal your money. The BSOD displays contact information.
The group behind the FastPOS malware has updated their trojan with a new data exfiltration mechanism that abuses the Windows Mailslots mechanism to store data before exfiltration from infected systems.
This new version of POS malware came to light this past summer when researchers discovered ads for it on underground carding forums. Analysis of the malware showed a new POS malware family that focused on speed and sacrificed stealth, the opposite of how most POS malware operates today. Trend Micro continued its analysis of this malware after the initial detection and discovered traces of FastPOS activity dating back to March 2015.
Browsing through Microsoft's patent library, we often come across ideas which we wish they had implemented, but which never made it to a product. Today we came across the opposite – an idea whose time we hope never comes.
The patent notes that efficient searching is enhanced if more information is available regarding the user's intent. It gives the example of someone doing a school report on dancing: even though the user has already done some work, when they open the browser to search, the search engine would have no idea what the user is working on beyond what they have typed into the search bar. People use multiple desktop applications in order to complete a single task.
There’s yet another new type of ransomware out there. Fantom is a new form of the malicious virus that disguises itself as an important Windows update. Ransomware encrypts a victim’s files and holds them ransom for a fee — and cybercriminals are getting savvier in tricking people into clicking malicious links and downloading the virus.
Fantom was discovered by Jakub Kroustek, a security researcher at AVG. He found that the culprits had actually gone to great lengths to disguise their work. The malicious file’s properties list details like Microsoft’s copyright and trademark information to make it appear legitimate.
It was only a matter of time until some clever hacker decided to leverage Pokemon GO's huge success to create Pokemon-themed ransomware. The bad news is that the person who developed this new threat is not happy with just delivering a basic crypto-ransomware but is also interested in data exfiltration scenarios as well as creating a backdoor account on the infected devices.
This new ransomware appears to be currently under development, gearing up for a larger distribution campaign. The person behind this ransomware is distributing the threat as a Windows executable called PokemonGo.exe, which includes an icon of a very adorable Pikachu.
Tech support scams are commonplace. You receive a cold call from someone pretending to be from Microsoft, who attempts to convince you that they have "scanned" your computer, that there are viruses on it, and that all they need to do as part of this dedicated customer service is go in there and clean it up for you.
As long as you hand over details of your account and your bank details, of course. Unfortunately, such scams remain lucrative, especially if some of the older generation or vulnerable people are targeted. Now cyberscammers have taken a tip or two from the rise of ransomware to make their schemes even more profitable.