An SMS virus is attacking Ukrainian users’ smartphones. Only Android-based devices are under threat. Many smartphone owners who subscribe to Ukrainian mobile operators have become victims of the SMS virus. It drains all the money from the account, blocks calls, and sends messages containing a link to the malicious program to every contact in the phone book.
Having received the message from a known or unknown number, the subscriber follows the link and automatically installs the Trojan. After installation, the virus sends out information about the victim’s device, such as the IMEI, IMSI, the owner’s number, location, the OS version, the smartphone model, etc.
White hat hacker Ben Caudill is halfway through his sandwich when he casually reaches over to his iPhone, swipes the screen a few times, then holds it up to me. “Is that you?” he asks.
It is, but nobody was supposed to know. He’s showing me one of my posts to Secret, the popular anonymous sharing app that lets you confess your darkest secrets to your friends without anyone knowing it’s you. A few minutes ago I gave Caudill my personal e-mail address, and that was all he needed to discover my secret in the middle of a Palo Alto diner, while eating a BLT. My secret is pretty lame, but Secret’s stream is a slurry of flippant posts, Silicon Valley gossip, and genuinely personal confessions like.
Victims of the CryptoWall ransomware have been extorted out of at least $1m. Despite a takedown operation in June, CryptoWall continues to be the largest and most destructive ransomware threat on the internet, according to the latest analysis of the threat by security researchers from Dell SecureWorks Counter Threat Unit.
CryptoWall is a strain of file-encrypting ransomware that encrypts files on infected Windows PCs and attached storage devices with RSA-2048 encryption before demanding a ransom for the private key that recovers the documents. Dell SecureWorks CTU researchers registered a domain used by the CryptoWall malware as a backup command and control (C2) server in February.
The FBI is investigating an incident of data theft from JPMorgan Chase & Co. (JPM) that could potentially have been carried out by Russian hackers, Bloomberg reported Thursday, citing sources familiar with the situation.
“The way the Russians do it, to the extent we can see into the process, is they encourage certain targets,” James Lewis, the director of the Strategic Technologies program at the Center for Strategic and International Studies in Washington, was quoted as saying by Bloomberg. “The Russians typically keep open the options to do something more, and the question now is what would trigger that and what would our response be,” he added.
As many of you may have already been aware, a breach at Community Health Systems (CHS) affecting an estimated 4.5 million patients was recently revealed. TrustedSec obtained the first details on how the breach occurred and new information relating to this breach.
The initial attack vector was through the infamous OpenSSL “heartbleed” vulnerability which led to the compromise of the information. This confirmation of the initial attack vector was obtained from a trusted and anonymous source close to the CHS investigation. Attackers were able to glean user credentials from memory on a CHS Juniper device via the heartbleed vulnerability.
Cryptolocker is being flogged over YouTube by vxers who have bought advertising space, researchers Vadim Kotov and Rahul Kashyap have found. The researchers made the discovery while monitoring YouTube and website banners for instances where malware writers had actually purchased space to foist their wares on unpatched web users.
The duo, who will present at the upcoming Virus Bulletin 2014 conference in Seattle, wrote in a paper that advertisement networks were a viable way to flog viruses and trojans.
The Swiss company Switch CH announced that Trojan code attacking the online banking systems of Switzerland’s large banks has been found.
Experts claim that the code is Russian; it can also change the computer’s domain name system settings or steal SMS keys. In practice the Trojan steers the victim to the hacker’s site, where all the credentials needed to access the real banking service are captured. Most importantly, the malicious code can bypass even a two-factor authentication system; in addition, it can change DNS records in such a way that the client won’t notice anything.
Experts at Bluebox Labs have published information about a security vulnerability in the Android platform that allows hackers to gain access to device functions and to personal information without the user’s knowledge.
However, many users are in danger, as the vulnerability was corrected only in the latest Android version and still exists in other versions. After Bluebox Labs found the vulnerability, English-language publications called the "hole" a "super vulnerability of a new type", likely because it makes it possible to spread extremely malicious software. Bluebox experts called the vulnerability Fake ID, because it allows malware apps to pass fake credentials to Android, which fails to properly verify the app's cryptographic signature.
Almost a year ago, at the ‘Hack In The Box’ security summit in Amsterdam, Hugo Teso, a security researcher at N.Runs and a commercial airline pilot, presented a demonstration that it's possible to take control of aircraft flight systems and communications using an Android smartphone and some specialized attack code.
In a quite similar case, a security researcher claims to have devised a method that can give cyber criminals access to the satellite communications equipment on passenger jets through their WiFi and in-flight entertainment systems. Santamarta's research paper, titled “SATCOM Terminals: Hacking by Air, Sea and Land”, explains that ships, aircraft and industrial facilities are all at risk of being compromised — perhaps with catastrophic results.
The Tor encryption service is a high-profile bastion of computer security, but the project appears to have been compromised earlier this year.
Today, the Tor Project blog announced that an unknown party likely managed to gather information about people who were looking up hidden services — websites that users can operate and visit anonymously, like Silk Road — and could theoretically have compromised other parts of the network. Anyone who used Tor between early February and July 4th of 2014 "should assume they were affected" by the attack, says the Tor team. But they don't know what exactly that means.