A wave of email-based phishing campaigns is targeting airline consumers with messages that contain malware that infects systems or links to spoofed airline websites that are personalized to trick victims into handing over personal or business credentials. “Over the past several weeks, we have seen a combination of attack techniques.
One, where an attacker impersonates a travel agency or someone inside a company. Recipients are told an email contains an airline ticket or e-ticket,” said Asaf Cidon, vice president, content security services at Barracuda Networks. Attachments, he said, are documents rigged with malware or are designed to download it from a command and control server.
Open-source developers who use GitHub are in the cross-hairs of advanced malware that can steal passwords, download sensitive files, take screenshots, and self-destruct when necessary.
Dimnie, as the reconnaissance and espionage trojan is known, has largely flown under the radar for the past three years. It mostly targeted Russians until early this year, when a new campaign took aim at multiple owners of GitHub repositories. One commenter in this thread reported the initial infection e-mail was sent to an address that was used solely for GitHub, and researchers said they have no evidence it targeted anyone other than GitHub developers.
A new adware family changes the contact details of legitimate security companies in search results to promote tech support scams.
Dubbed Crusader, the adware is often installed as part of nuisanceware and free software bundles, downloading itself as a free browser extension for Chrome, a Firefox add-on, and an Internet Explorer Browser Helper Object. When executed, the malware requests permissions to read and change the information on websites the user visits, and should the user grant permission, their entire internet traffic is at risk of exploitation or manipulation. Crusader pulls instructions from a configuration file downloaded after a user is infected.
Chinese hackers have taken SMiShing attacks to the next level, using rogue cell phone towers to distribute Android banking malware via spoofed SMS messages.
SMiShing (phishing attacks sent via SMS) is a type of attack in which fraudsters use number spoofing to send convincing bogus messages that trick mobile users into downloading a malware app onto their smartphones or lure victims into giving up sensitive information. Security researchers have uncovered that Chinese hackers are using fake base transceiver stations to distribute "Swearing Trojan," an Android banking malware that once appeared neutralized after its authors were arrested in a police raid.
A hacker or group of hackers is apparently trying to extort Apple over alleged access to a large cache of iCloud and other Apple email accounts. The hackers, who identified themselves as 'Turkish Crime Family', demanded $75,000 in Bitcoin or Ethereum, another increasingly popular crypto-currency, or $100,000 worth of iTunes gift cards in exchange for deleting the alleged cache of data.
"I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing," one of the hackers said. The hackers provided screenshots of alleged emails between the group and members of Apple's security team.
It is no secret that cybercriminals are becoming dramatically more adept, innovative, and stealthy with each passing day. While new forms of cybercrime are on the rise, traditional activities seem to be shifting towards more clandestine techniques that involve the exploitation of standard system tools and protocols, which are not always monitored.
The latest example of such an attack is DNSMessenger – a new Remote Access Trojan that uses DNS queries to conduct malicious PowerShell commands on compromised computers – a technique that makes the RAT difficult to detect on targeted systems. The Trojan was brought to the attention of Cisco's Talos threat research group by a security researcher named Simpo, who highlighted a tweet that encoded text in a PowerShell script that said 'SourceFireSux.'
TeamSpy is back and it's turning TeamViewer into the spying tool that no one wants. According to security firm Heimdal, a new spam campaign has emerged, carrying the TeamSpy malware, which can give hackers full access to a compromised computer.
This isn't a new type of malware whatsoever. In fact, back in 2013, it was wreaking havoc on countless computers. Back then, attackers were gathering information from victims, be they ordinary users or high-profile individuals working in industries or research. This time around, however, it seems that TeamViewer has not been compromised as happened in the past, so reusing their passwords should be safe.
Hong Kong's securities regulator said brokers in the city had suffered cyber attacks and warned of possible further incidents across the industry.
Regulators in Hong Kong have been stepping up efforts over the past year to combat the growing menace of cyber attacks on companies. A survey in November showed the average number of such attacks detected by firms in mainland China and Hong Kong grew a whopping 969 percent between 2014 and 2016. The Securities and Futures Commission said it had been informed by the Hong Kong police that brokers had encountered DDoS attacks targeting their websites and received blackmail from criminals.
Lloyds Banking Group suffered a 48-hour online attack this month as cybercriminals attempted to block access to 20m UK accounts.
The denial of service attack ran for two days from Wednesday 11 January to Friday 13 January, as Lloyds, Halifax and Bank of Scotland were bombarded with millions of fake requests, designed to grind the group’s systems to a halt. Usually in a denial of service (DoS) attack the criminals demand a large ransom, to be paid in bitcoins, to end the onslaught. However, no accounts were hacked or compromised during the attack, and Lloyds did not pay a ransom.
A gang is using Google services to issue command and control communications to help monitor and control the machines of unsuspecting malware victims. The Carbanak hacking group is one of the most successful cybercriminal operations in the world.
Since it started operating in 2013, the gang has attacked banks, e-payment systems and financial institutions across the globe using Trojan malware in a stealthy and continuous campaign, making off with a suspected total of over $1 billion in stolen funds. Carbanak is a highly organised group and continually evolves its tactics in order to continue to carry out cybercrime while avoiding detection.