Malware

Office 365 Now Warns of Emails from Unverified Senders

A new Office 365 feature, known as 'Unverified Sender', is currently being developed by Microsoft to help users identify possible spam or phishing messages reaching the Outlook client inbox. "Unverified sender is a new Office 365 function that allows end users in their inbox to recognise suspicious messages," the company says on the entry of the…

Hackers Hide Fake WordPress Plugins to Backdoor Sites

The hackers use malicious plugins that hide in plain sight and serve as backdoors to gain and maintain a foothold on WordPress websites, and to upload web shells and scripts for brute-forcing other sites. For example, some of these fake backdoor plugins, called initiatorseo or updrat123 by their developers, have seen the very…

Fake WordPress Plugin Comes with Cryptocurrency Mining Feature

Malicious plugins are not only used to maintain access to the compromised site but also to mine cryptocurrency. Researchers at website security firm Sucuri found that the number of malicious plugins has increased in recent months. These plugins are copies of legitimate ones with malicious code added. Such fake plugins are usually used to give attackers…

Russian Bear Hackers Went Undetected for Years

Cozy Bear, a threat actor believed to be working for the Russian government, managed to keep its cyber-espionage activities undetected in recent years by using malware families previously unknown to security researchers. The group was able to sustain its operation under the radar for a long time by using stealthy communication techniques between infected systems and command and control (C2)…

Chinese Hackers Use New Cryptojacking Techniques to Evade Detection

Chinese-speaking cybercrime group Rocke, known for running multiple large-scale malicious crypto-mining campaigns, has now switched to new Tactics, Techniques and Procedures (TTPs). Rocke is a financially motivated threat group first identified in April 2018 by Cisco Talos researchers while it was targeting unpatched Apache Struts, Oracle WebLogic and Adobe ColdFusion servers. The…

Winnti Group Uses New PortReuse Malware Against Asian Manufacturer

With a new modular Windows backdoor, Winnti group hackers have upgraded their arsenal to infect the servers of a high-profile Asian mobile hardware and software manufacturer. The group's ShadowPad malware has also been updated, with randomized module IDs and extra obfuscation being the most noticeable additions, according to ESET researchers who have been…

Sodinokibi Ransomware: Following the Affiliates' Money Trail

After a Sodinokibi affiliate posted partial transaction IDs for ransomware payments, researchers were able to use the information to track the affiliates' money trail and, in some cases, how they invest their illicit profits. Earlier this month, McAfee looked at the GandCrab ransomware affiliate operation and how the Sodinokibi ransomware…

FTCode PowerShell Ransomware Resurfaces in Spam Campaign

An old PowerShell ransomware has resurfaced with a vengeance in a spam campaign targeting Italian recipients. This ransomware, called FTCode, is written entirely in PowerShell, so it can encrypt the computer without downloading any other components. Since 26 September, new ransomware named FTCode, distributed via spam, has been reported [1, 2, 3,…

New Exim Vulnerability Exposes Servers to DoS, RCE Risks

A new critical vulnerability in the Exim mail transfer agent (MTA) software has been patched to prevent denial of service (DoS) and potentially remote code execution (RCE) attacks. The CVE-2019-16928 security bug, reported by QAX-A-TEAM, was fixed today in Exim version 4.92.3 and affects all versions from 4.92 up to and including 4.92.2.…

Beware of Google Alert Links Leading to Malware and Scams

Google Alerts is a useful service that lets you receive emails or an updated RSS feed when new Google search results appear for certain keywords. Unfortunately, whenever something is useful, people try to abuse it to drive users to scams and malware. Google Alerts lets you submit keywords that you…