Latest News

2020/05/19

ProLock Ransomware Teams Up With QakBot Trojan to Infect Victims

A relatively new ransomware, ProLock, has paired up with the QakBot banking trojan to access victims’ networks. ProLock’s leveraging of QakBot gives it bolstered persistence, anti-detection and credential-dumping techniques.

ProLock ransomware first emerged in March as a successor to another recent malware strain, PwndLocker, and has made its mark targeting financial, healthcare, government and retail organizations. ProLock’s first big attack targeted major ATM provider Diebold Nixdorf at the end of April.
2020/03/30

Hackers Hijack Routers to Spread Malware Via Coronavirus Apps

Cybercriminals are hijacking routers and changing Domain Name System (DNS) settings, in order to redirect victims to attacker controlled sites promoting fake coronavirus information apps. If victims download these apps, they are infected with information-stealing Oski malware.

This latest attack shows that hackers are becoming more creative in how they leverage the coronavirus pandemic. And it appears to be working – researchers believe that at least 1,193 victims have been targeted by this cyberattack over just the past couple of days. Reports of the hacks began on March 18, and have since skyrocketed over the past week, with victims from the U.S., Germany and France being mostly targeted.
2020/03/24

Microsoft RCE Vulnerabilities Affecting Windows, Windows Server

Microsoft has released a security advisory to address remote code execution vulnerabilities in Adobe Type Manager Library affecting all currently supported versions of Windows and Windows Server operating systems. A remote attacker can exploit these vulnerabilities to take control of an affected system. Microsoft is aware of limited, targeted attacks exploiting these vulnerabilities in the wild.
2020/03/06

Virgin Media exposes data of 900,000 users via unprotected marketing database

Virgin Media, a provider of telephone, television, and internet services in the UK, disclosed today a data breach that was caused by a database server left exposed online without a password.

The incident exposed the personal details of approximately 900,000 customers, representing around 15% of the company's entire customer base.

Exposed data varies by user, but it could contain names, home addresses, emails, phone numbers, along with technical and product information.

Virgin Media said the database was used for marketing activities and, as a result, did not contain sensitive information, such as passwords or financial details.
2020/02/27

New Wi-Fi Encryption Vulnerability Affects Over A Billion Devices

Cybersecurity researchers today uncovered a new high-severity hardware vulnerability residing in the widely-used Wi-Fi chips manufactured by Broadcom and Cypress—apparently powering over a billion devices, including smartphones, tablets, laptops, routers, and IoT gadgets.
Dubbed 'Kr00k' and tracked as CVE-2019-15126, the flaw could let nearby remote attackers intercept and decrypt some wireless network packets transmitted over-the-air by a vulnerable device.
The attacker does not need to be connected to the victim's wireless network and the flaw works against vulnerable devices using WPA2-Personal or WPA2-Enterprise protocols, with AES-CCMP encryption, to protect their network traffic