Malware researchers from CSE Cybsec ZLab discovered a missed link between the Necurs Botnet and a variant of the Ursnif trojan that recently hit Italy. Starting from 6th June, a new version of the infamous banking trojan Ursnif hit Italian companies. This malware is well known to the cyber-security community, the Ursnif banking Trojan was […]
The post CSE Malware ZLab – A new variant of Ursnif Banking Trojan served by the Necurs botnet hits Italy appeared first on Security Affairs.
WannaSpam – Many users have received a mysterious message that claims their PC was infected by WannaCry Ransomware. Crooks ask victims to pay a ransom, but it’s a scam. Many users have received a mysterious message from a group that called itself the “WannaCry-Hack-Team” that claims that WannaCry Ransomware has returned. The mail informs the recipients that their computer has […]
The post WannaSpam – Beware messages from WannaCry-Hack-Team, it is the last hoax appeared first on Security Affairs.
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! · ClipboardWalletHijacker miner hijacks your Ether and Bitcoin […]
The post Security Affairs newsletter Round 168 – News of the week appeared first on Security Affairs.
Vulnerabilities in Fredi Wi-Fi baby monitor could be exploited by a remote unauthenticated attacker to control it and spy on the family. Security researchers at SEC Consult reported discovered that vulnerabilities in Fredi Wi-Fi baby monitor could be exploited by a remote unauthenticated attacker to control it and spy on the family. The investigation started when […]
The post Vulnerabilities in Fredi Wi-Fi baby monitor can be exploited to use it a spy cam appeared first on Security Affairs.
A security researcher has devised a method to brute force a passcode on every Apple iPhone or iPad, even the up-to-date ones. Since iOS 8 rolled out in 2014, iPhone and iPad devices are protected with encryption, without providing passcode it is quite impossible to unlock the device. If the user enters more than 10 times […]
The post A hacker devised a method to unlock any iPhone and iPad device appeared first on Security Affairs.
The Supreme Court of the US ruled that police must obtain a search warrant before obtaining mobile location data from mobile carriers and similar services. The Supreme Court of the United States ruled this week that law enforcement must obtain a search warrant before obtaining cell phone location information from mobile carriers or third-party services. […]
The post Supreme Court of the US Police ruled that police need warrant for mobile location data appeared first on Security Affairs.
SWIFT hackers continue to target banks worldwide, the last string of attacks hit financial institutions across Latin America. According to three people with knowledge of the matter cited by Cyberscoop the attacks were carried by North Korea-linked APT groups that targeted also other banks Recent attacks hit Mexico’s Bancomext and Chile’s Bank of Chile, in both cases the attackers used a […]
The post According to the experts, North Korea is behind the SWIFT attacks in Latin America appeared first on Security Affairs.
A flaw in the Edge browser, dubbed Wavethrough, addressed by latest Microsoft Patch Tuesday for June 2018 could be exploited to read restricted data. A bug in the Edge browser addressed by latest Microsoft Patch Tuesday for June 2018 could be exploited by attackers via malicious or compromised websites to read restricted data. The flaw was reported by […]
The post Wavethrough CVE-2018-8235 flaw in Microsoft Edge leaks sensitive data appeared first on Security Affairs.
Crooks are attempting to exploit a recently patched Drupal vulnerability, tracked as CVE-2018-7602, to drop Monero mining malware onto vulnerable systems. The CVE-2018-7602 flaw is a highly critical remote code execution issue, also known as Drupalgeddon3, that was addressed by the Drupal team in April with the release of versions 7.59, 8.4.8 and 8.5.3. The security patch for the […]
The post Crooks exploit CVE-2018-7602 Drupal flaw, aka Drupalgeddon3 to deliver Monero miner appeared first on Security Affairs.
Security experts from AlienVault have spotted a new piece of malware named GZipDe that was used in a cyber-espionage campaign. GZipDe is downloader that is used by threat actors to fetch other payloads from a server controlled by attackers. The malware was detected after user from Afghanistan has uploaded a weaponized Word document on VirusTotal service, the […]
The post GZipDe Downloader spotted serving a Metasploit backdoor appeared first on Security Affairs.