Mash – Page 25 – Wildcat Cyber Patrol

Old fixed Windows vulnerability is abused again

The vulnerability CVE-2020-0986 was exploited as a zero-day in May and was presumably fixed since then, however, the security researchers [...]

News

Posted on December 24, 2020 by Mash

List of organizations where SolarWinds and Sunburst were deployed has been revealed

The investigation over Solarwinds is still ongoing, and the most recent discovery, coming from the cybersecurity firm Truesec, includes the [...]

How-to

Posted on December 23, 2020 by Mash

SUPERNOVA backdoor found in SolarWinds cyberattack, likely from a second threat actor

SUPERNOVA is a webshell planted in the code of the Orion network and apps monitoring the platform, enabling adversaries to [...]

News

Posted on December 22, 2020 by Mash

Hackers use network of mobile device emulators to steal millions from online bank accounts

IBM Trusteer researchers have uncovered a massive fraud operation that leveraged a network of mobile device emulators to steal millions [...]

News

Posted on December 21, 2020 by Mash

Gitpaste-12 worm botnet is back with new tricks

Gitpaste-12 is a recently discovered worm botnet, that was known to host malicious payload on Pastebin and was spreading using [...]

News

Gitpaste-12

Posted on December 20, 2020 by Mash

Russian state-sponsored hacking group breached US think tank three time in a row

A recent attack via trojanized update for SolarWinds network was not the first successful attempt on compromising U.S. internal network [...]

News

Posted on December 19, 2020 by Mash

Top browser makers ban MitM HTTPS certificate

Google, Apple, Microsoft and Mozilla has agreed to ban MitM certificate, used by Kazakhstan government to spy on their citizens [...]

News

Posted on December 19, 2020 by Mash

Magecart malware dropper leaks list of targeted stores

Threat actors used dropper to deploy RAT (remote access trojan) on a compromised store websites, that are used to regain [...]

News

Magecart

Posted on December 19, 2020 by Mash

Malicious Chrome and Edge extensions hit over 3,000,000 installs

Malware-laced extensions, found by Avast Threat Intelligence researchers and disguised as a helper add-ons for Instagram, Facebook and Vimeo have [...]

News

Posted on December 17, 2020 by Mash

Microsoft, FireEye, and GoDaddy to collaborate to create kill switch for SolarWinds SUNBURST backdoor

Recent FireEye report has revealed that Russian-state sponsored hackers breached SolarWinds and added malicious code to Windows DLL file used [...]

News

Posted on December 17, 2020 by Mash

SystemBC malware used by ransomware gangs to automate payload delivery

SystemBC was first discovered in 2018 and was previously used in several campaigns in 2019 as a virtual private network, [...]

News

Posted on December 17, 2020 by Mash

Attacker leverages SolarWinds supply chain with SUNNURST backdoor

FireEye has discovered a widespread campaign, tracked as UNC2452. The campaign started this Spring and is targeting organizations across the [...]

News

Posted on December 15, 2020 by Mash

Molerats cyberespionage group abuses Google and Facebook services in phishing campaign

Molerats hacking group was noticed to use the fresh version of the SharpStage malware, relying on Dropbox, Google Drive, and [...]

News

Posted on December 15, 2020 by Mash

Google Chrome to block ads using a lot of system resources

Some of the modern ads are known to be intrusive and to use a lot of system resources, being able [...]

News

Posted on December 15, 2020 by Mash

UK Subway marketing system hacked to send TrickBot phishing emails

Subway UK has stated that a hacked system used for marketing campaigns is responsible for the malware phishing emails sent [...]

News

TrickBot

Posted on December 14, 2020 by Mash

Chrome 88 update will prevent uBlock Origin and other adblockers from working

Chrome 88 will feature Manifest V3 support for the Declarative Net Request API, which brings a number of restrictions to [...]

News

ad
Google

Posted on December 13, 2020 by Mash

Facebook reveals the identity of APT32 hacking group

This Thursday Facebook revealed the true identity of APT32 group, as an answer to them using the platform to spread [...]

News

Facebook

Posted on December 12, 2020 by Mash

Qbot malware uses new stealthy autostart method

Qbot is a banking trojan used by threat actors to steal banking credentials and personal information. The new method that [...]

News

Posted on December 11, 2020 by Mash

PlayStation Now security vulnerabilities allow site run malicious code on Windows PCs

Microsoft issued guidance on mitigation of the DNS cache poisoning bug, exploiting which allows threat actors to use modified DNS [...]

News

PlayStation

Posted on December 10, 2020 by Mash

Russian state-sponsored threat actors exploit new VMware vulnerability to steal data

The National Security Agency (NSA) has stated a warning about Russian hackers exploiting recently patched VMware vulnerability. NSA didn't publicly [...]

News

VMware

Posted on December 8, 2020 by Mash

Microsoft introducing 'Windows Feature Experience Packs' to replace scheduled updates

According to Microsoft's recent blog post, Windows Feature Experience Packs will be used to quickly deliver improvements and bug fixes [...]

News

Posted on December 8, 2020 by Mash

MetaMask phishing steals crypto wallets with fake Google ads

MetaMask has a community of over a million users, that offers an Ethereum wallet via browser extension that lets distributed [...]

News

Posted on December 7, 2020 by Mash

Credit card stealing malware disguises itself as media share icons

Recently discovered new web skimming malware is capable to disguise itself as social media buttons to inject the payment card [...]

News

Credit Card

Posted on December 6, 2020 by Mash

CLOP ransomware claims to have stolen 2 million credit cards from E-Land Retail in a year

E-Land retail operates several retail clothing stores, such as New Core and NC Department Store. Last month E-Land Retail has [...]

News

CLOP
E-Land

Posted on December 4, 2020 by Mash

Hacker-for-hire group DeathStalker develops backdoor malware

DeathStalker group, previously known as Deceptikons, is a long-time active threat actor, known for using a large variety of malware [...]

News

PowerPepper

Posted on December 4, 2020 by Mash

The critical remote code execution (RCE) vulnerability is abused by DarkIRC botnet

DarkIRC botnet is actively exploiting the vulnerability tracked as CVE-2020-14882 to target a large number of exposed Oracle WebLogic servers. [...]

News

Posted on December 3, 2020 by Mash

Gootkit trojan and REvil ransomware are targeting Germany in the new campaign

Gootkit Trojan is Javascript-based malware, that gets remote access for threat actors alongside other malicious actions, such as password and [...]

News

Posted on December 3, 2020 by Mash

Vietnamese government-backed hackers are linked to crypto-mining malware campaigns

Vietnamese hacker group tracked as Bismuth, better known as APT32 and OceanLotus, has increased its activity and made some changes [...]

News

crypto

Posted on December 1, 2020 by Mash

Complex Office 365 phishing scheme uses Oracle and Amazon cloud services

The currently active Office 365 phishing campaign for stealing credentials is reported to have a huge infrastructure, combining several Oracle [...]

News

Posted on November 28, 2020 by Mash

Don't miss best Black Friday Antivirus deals!

Black Friday is here and brought a lot of great deals, including the antiviral software deals. These discounts only work [...]

News

black friday

Posted on November 27, 2020 by Mash

New WAPDropper malware subscribes user to premium services without their permission

Security researchers are warning users about the new malware family WAPDropper that currently targets mobile users to subscribe them to [...]

News

Posted on November 26, 2020 by Mash

Hackers bypass Google protection systems for Play Android using fake Minecraft mods

The apps with fake modpacks are made to lure kids, looking to modify their Minecraft experience. Those fake modpacks don't [...]

News

Posted on November 25, 2020 by Mash

Windows 20H2 - stable, but still buggy

Windows 10 October 2020 Update also known as 20H2 has brought a decent amount of improvements but still features a [...]

News

Windows 10

Posted on November 25, 2020 by Mash

Hackers take control over 300 000 Spotify accounts using login credentials database

According to a VPNMentor security report, a database exposed on the Internet contained 300 million username and password combos that [...]

News

Spotify

Posted on November 25, 2020 by Mash

Hacker posts a list of exploits for around 50 000 Fortinet VPNs

A list of one-line exploits with the purpose of stealing VPN credentials from Fortinet VPN devices has been posted yesterday. [...]

News

Posted on November 24, 2020 by Mash

TrickBot malware v100 released with new features

TrickBot is a well-known malware family, commonly distributed via phishing emails and other malware. After the installation, TrickBot downloads a [...]