Top Security News

Beware: Cybercriminals Leveraging Coronavirus to Exploit Computer Users and Spread Malware It hasn't taken a lot of time for threat actors to realize the social engineering opportunity that the novel coronavirus (2019-nCoV) has presented them. The respiratory infection that originated in...
Beware: Fake FedEx Text Alerts and Emails Used in New Scam There is an awful lot of spam making the rounds, both in email and mobile text format. With an average of 300 billion emails being sent every day and the majority of those being spam that has...
Ransomware Attack Costs 300 Employees their Jobs Did you know that a ransomware attack could cost you your job? That is exactly what happened to 300 employees at an Arkansas Telemarketing firm that was forced to lay off 300 of its employees and...

Top Articles

VulkanRT

The software package known as VulkanRT has recently caused a bit of commotion online. There have been posts on various forums and online communities, made by people who got confused by the sudden appearance of an entry named "VulkanRT" in their installed programs list. Some users were surprised and confused by the new entry and, not knowing what it was, assumed it was a virus and communicated their fears online. In reality, VulkanRT is not a threat or a malicious piece of software. The RT in the name stands for "runtime libraries". Vulkan, on the other hand, is the name of a graphical API which has the purpose of providing direct control over the computer's GPU and CPU usage. VulkanRT is developed by the Khronos Group in 2014 with the participation of huge IT names such as Intel, NVidia, AMD, Google , and Apple. The API was initially...

Posted on December 29, 2017 in Browser Hijackers

Bundesliga-streams.net

The Bundesliga-streams.net website does not host any unsafe content, but it is a shady page that should be avoided. Users who come across the Bundesliga-streams.net page were likely looking for illicit streams of football (soccer) games from the German football league called the Bundesliga. We recommend you not to visit websites like the Bundesliga-streams.net as they are hosting illicit content and often have malvertising present on their page. These malvertising campaigns tend to promote low-quality products and dodgy or fake services. Uses Social Engineering Tricks The Bundesliga-streams.net site, much like many other shady pages, is likely to use a variety of social engineering techniques to manipulate the actions of the user. Among them can be: The users may be asked to download and install a fake codec pack or media player if...

Posted on November 11, 2019 in Browser Hijackers

Sodinokibi Ransomware

Sodinokibi Ransomware is a new malware threat that is gaining traction in the cybercriminal circles. Although Sodinokibi operates in the typical ransomware fashion - it infiltrates the victim's computer, uses a strong encryption algorithm to encrypt the files, and demands a payment for their restoration, analyzing its underlying code reveals that it is an entirely new malware strain and not an updated variant of an already existing ransomware. Zero-Day Exploit Facilitates First Sodinokibi Attack Sodinokibi was first detected on April 25 when it was used in an attack that exploited a zero-day Oracle WebLogic Server vulnerability. The severity of the zero-day exploit couldn’t be understated as it allowed the remote execution of code without any of the otherwise required authentication credentials. Oracle issued a patch on April 26,...

Posted on May 1, 2019 in Ransomware

More Articles

VSearch

The VSearch application is adware designed for Mac computers. Many Apple users still rely on the false notion that Mac computers are impenetrable, and no cyber threat can compromise them. This is certainly not the case, and this line of thinking has put numerous Mac users’ systems in danger. Each year there is an increasing number of malicious applications, PUPs (Potentially Unwanted Programs), and adware designed to specifically target Mac systems. Among the most recently reported cases of a dubious application targeting OSX systems is the VSearch adware app. The VSearch adware is likely promoted as a genuine, useful tool that will help users optimize their search results. This is definitely not the case. It is also likely that the VSearch adware may be installed alongside a bundle of other freeware applications. Often, the...

Posted on February 20, 2020 in Adware

OperatorMac

The OperatorMac is an adware family that goes after Mac systems only. Thankfully, the OperatorMac application is not affiliated with the distribution of malicious software or any harmful scams. If you have adware installed on your computer, you are likely to notice an increase in the advertisements displayed on the websites you visit. The ads linked to the activity of various types of adware may come in all shapes and forms. The OperatorMac adware may present its users with highlighted text, a variety of banners, random hyperlinks, pop-up windows, flashy alerts, etc. This can end up significantly diminishing your Web browsing quality. Applications like the OperatorMac adware may promote dodgy products that users should avoid – fake raffles, dubious gambling platforms, bogus dating websites, adult entertainment streaming sites, etc. It...

Posted on February 20, 2020 in Adware

MacBooster

The MacBooster application is a dubious optimization tool that is compatible with computers running OSX. The MacBooster tool promotes itself as an optimization application that is capable of significantly boosting the performance of your Mac – free disk space, fix bugs, etc. However, this is not the case. The MacBooster application does not mention that a user who installs the free version of the tool will only be able to use it to scan their computer. The MacBooster tool’s scan will deliver a report to the user, which will provide them with various recommendations on how to improve the stability of their system. However, if you want to use the MacBooster tool to apply the recommended optimizations, you will have to pay for the full version of this application. What makes the MacBooster application shady is that it is known to...

Posted on February 20, 2020 in Potentially Unwanted Programs

MacKeeper

The Kromtech company is the publisher of yet another shady product – the MacKeeper application. Kromtech is known to have developed multiple PUPs (Potentially Unwanted Programs) designed to target Mac computers. If you have come across the MacKeeper application, it is best to avoid installing it on your system as it does not offer any valuable tools or features. The reason that malware researchers have listed the MacKeeper application as a PUP is that it presents users with fake, exaggerated reports regarding the health of their system and the security of their data. This is a commonly utilized trick by bogus security tools. In order to trick users into purchasing the full version of a dubious anti-virus application, the tool will deliver exaggerated reports. The reports would state that there are multiple critical issues that need to...

Posted on February 20, 2020 in Potentially Unwanted Programs

CallMe

The CallMe application is a backdoor Trojan that is compatible only with Mac computers. Malware researchers first spotted the CallMe Trojan seven years ago. Thankfully, the CallMe Trojan has not been very active in the past few years, which may mean that its creators may have abandoned the project. The CallMe backdoor Trojan is not an overly complex threat. This Trojan is able to run shell commands on the infected machine and to steal information from the contacts list of the victim. At first, this may seem like a redundant feature, but the CallMe Trojan was employed in an attack targeting Tibetian activists. As soon as the CallMe Trojan was able to compromise their systems, the threat could steal the names of the individuals in their contacts list and therefore reveal personal information about them. This helped the attackers reveal...

Posted on February 20, 2020 in Backdoors

XcodeGhost

Apple has published its own official IDE (Integrated Development Environment), which is called Xcode. The Xcode IDE serves to help application developers in building software and testing it efficiently. It is an all-encompassing tool that is being used by countless software developers worldwide. However, cyber crooks have seen an opportunity to use this tool to their advantage. Thus, cybercriminals built the XcodeGhost – a malicious copy of the original Xcode IDE. The XcodeGhost IDE is not being propagated via Apple’s official stores or sites. This malicious IDE was uploaded by its creators on the popular Chinese website Baidu. This is how the XcodeGhost IDE ended up on the systems of a large number of Chinese developers. Unlike most malicious applications, the XcodeGhost malware does not seek to wreak havoc on the host or even steal...

Posted on February 20, 2020 in Malware

LaoShu

The LaoShu threat is a piece of malware designed to target Mac systems exclusively. The goal behind the LaoShu is to collect sensitive data from the compromised hosts. The LaoShu Trojan is being propagated via emails that tend to contain an infected PDF file. It the latest campaign involving the LaoShu Trojan, the attackers appear to have chosen to mask the fake emails as legitimate messages sent by well-known delivery companies. The emails would state that the user has a package that they have not picked up and that the attached PDF file contains more information regarding the issue. In some cases, instead of a PDF file, the email would contain a ZIP attachment, which carries a PDF file. Some users report that the fraudulent email redirected them to a website that appeared to be the official page of the courier company in question....

Posted on February 20, 2020 in Malware

JackSparrow Ransomware

The JackSparrow Ransomware is a brand-new data-encrypting Trojan. Some of the features present on the JackSparrow Ransomware resemble the ones belonging to another ransomware Trojan named Harma Ransomware Threats of this type are nasty to deal with, particularly, as they would encrypt all the user’s data and try to extort them. It is likely that the JackSparrow Ransomware is capable of encrypting a long list of file types to ensure maximum damage. Propagation and Encryption There are many different propagation methods that can be used to distribute a ransomware threat. One of the most popular ones is spam email campaigns. The targeted users will get an email in their inbox that would contain a bogus message attempting to convince them to open the attached file. However, the file is macro-laced and would compromise their systems...

Posted on February 19, 2020 in Ransomware

MOOL Ransomware

Cybersecurity researchers have uncovered a new file-locking Trojan and named it the MOOL Ransomware. The MOOL Ransomware belongs to the family of the most active data-encrypting Trojan of 2019 – the STOP Ransomware. In 2019 alone, malware experts have spotted over 200 copies of the STOP Ransomware lurking the Web. Propagation and Encryption The creators of ransomware threats use all sorts of tricks to distribute their threatening creations. Malvertising campaigns, bogus software downloads and updates, torrent trackers, fake copies of popular applications or media, and spam emails containing macro-laced attachments are among the most commonly utilized propagation methods in regards to ransomware threats. The MOOL Ransomware is likely capable of encrypting a large variety of file types, including images, documents, audio files, videos,...

Posted on February 19, 2020 in Ransomware

PublicAdviseSearch

The PublicAdviseSearch application is a Web browser add-on that is designed for the Safari browser. It is likely that the creators of the PublicAdviseSearch add-on are promoting it as a tool with useful features that will enhance the search results of its users. Unfortunately, this is not the case. The PublicAdviseSearch Web browser extension can be considered a PUP (Potentially Unwanted Program). However, the PublicAdviseSearch add-on is not linked to any unsafe activity, so users who have it installed in their browser do not need to be concerned about the safety of their systems or data. The PublicAdviseSearch add-on is likely to have access to your Web browser history and permission to alter website contents. This means that the PublicAdviseSearch add-on may insert unwanted advertisements on the websites that the user visits. Some...

Posted on February 19, 2020 in Potentially Unwanted Programs

Upzis.com

The Upzis.com website is a page that does not offer any valuable content to its visitors. The only purpose of this dodgy site is to hijack users’ Web browser notifications. There are countless websites online that use this scheme. The Upzis.com site likely tricks users into visiting it by claiming to host interesting content. However, nothing is further from the truth. There is no content on the Upzis.com Web page. The site will greet its users with a request – they will be asked to click on the ‘Allow’ button on their screens. Usually, sites like the Upzis.com page will claim that the users will not be able to view the content they were seeking unless they click the ‘Allow’ button. However, doing so would give the fake website permission to display Web browser notifications. The Upzis.com page will use this permission to bombard its...

Posted on February 19, 2020 in Browser Hijackers

Woollike.com

Users who often browse untrustworthy websites, like illicit streaming platforms or torrenting pages, may come across the Woollike.com page. This fake website does not host any content of value, and it is best not to waste your time with it. Thankfully, the Woollike.com site is not affiliated with the distribution of malware, so users need not to worry about their data or system’s health. As soon as the Woollike.com page is launched, the users will be required to follow the instructions they are given. The site demands that the visitors click on the ‘Allow’ button they are presented with. Often, dodgy pages like the Woollike.com website would claim to host an interesting video or other media type that may get the attention of the users. However, if the users want to get access to the media, they will have to click on the ‘Allow’ button....

Posted on February 19, 2020 in Browser Hijackers

Videolive.best

The operators of the Videolive.best site have opted to utilize a very common trick used by many fake sites – a bogus CAPTCHA prompt. The Videolive.best website likely misleads users into launching it by claiming to host live streams or engaging videos. However, there is no content to be viewed on the Videolive.best site. Users will be required to complete a CAPTCHA to prove that they are not robots. However, the CAPTCHA test is fake and following the instructions provided by the Videolive.best site would give the bogus page permission to display Web browser push-notifications. This might not look like an issue but the Videolive.best site uses the permission to spam its users with unwanted advertisements. The spam advertisement may even continue if the users have closed their Web browser and are watching a movie or having fun with a...

Posted on February 19, 2020 in Browser Hijackers

SearchOptical

The SearchOptical application is a program designed for Macs. However, this application is listed as a PUP (Potentially Unwanted Program), and it is best to remove it from your computer as soon as possible. The SearchOptical application is likely promoted as a tool that is meant to enhance the search results of users. However, the SearchOptical program is not likely to be very useful, as it does not appear to pack any unique features. As soon as the SearchOptical application is installed on the user’s system, the application will get access to their Web browsers’ history. This means that the shady application will be monitoring the user’s browsing habits to collect information about them. The SearchOptical application also seems to be able to change the contents of the websites that the user visits. It is likely that the SearchOptical...

Posted on February 19, 2020 in Potentially Unwanted Programs

Dataf0ral1.com

The Dataf0ral1.com site is not a trustworthy page, and it is best for users to avoid it. This dodgy website is designed to promote potentially unsafe applications. It is likely that the Dataf0ral1.com site may be used to push various Trojans, spyware, keyloggers and other malware. Legitimate anti-malware vendors have listed this website as unsafe and potentially harmful. Users who come across the Dataf0ral1.com site are likely in the habit of browsing low-quality websites that host shady or illicit content. It is likely that the Dataf0ral1.com page claims to host an interesting video that may attract the attention of users. However, the site will claim that unless the users update their Adobe Flash Player, they will be unable to view the content. Then, the user will notice a pop-up window that will offer an update for the Adobe Flash...

Posted on February 19, 2020 in Browser Hijackers
1 2 3 4 5 6 7 8 9 10 11 1,398