Top Security News

Beware: Cybercriminals Leveraging Coronavirus to Exploit Computer Users and Spread Malware

It hasn't taken a lot of time for threat actors to realize the social engineering opportunity that the novel coronavirus (2019-nCoV) has presented them. The respiratory infection that originated in...

Beware: Fake FedEx Text Alerts and Emails Used in New Scam

There is an awful lot of spam making the rounds, both in email and mobile text format. With an average of 300 billion emails being sent every day and the majority of those being spam that has...

Ransomware Attack Costs 300 Employees their Jobs

Did you know that a ransomware attack could cost you your job? That is exactly what happened to 300 employees at an Arkansas telemarketing firm that was forced to lay off 300 of its employees and...

Top Articles

VulkanRT

The software package known as VulkanRT has recently caused a bit of commotion online. There have been posts on various forums and online communities, made by people who got confused by the sudden appearance of an entry named "VulkanRT" in their installed programs list. Some users were surprised and confused by the new entry and, not knowing what it was, assumed it was a virus and communicated their fears online. In reality, VulkanRT is not a threat or a malicious piece of software. The RT in the name stands for "runtime libraries". Vulkan, on the other hand, is the name of a graphics API whose purpose is to provide direct control over the computer's GPU and CPU usage. VulkanRT was developed by the Khronos Group in 2014 with the participation of huge IT names such as Intel, NVidia, AMD, Google, and Apple. The API was initially...

Posted on December 29, 2017 in Browser Hijackers

Bundesliga-streams.net

The Bundesliga-streams.net website does not host any unsafe content, but it is a shady page that should be avoided. Users who come across the Bundesliga-streams.net page were likely looking for illicit streams of football (soccer) games from the German football league called the Bundesliga. We recommend that you not visit websites like Bundesliga-streams.net, as they host illicit content and often have malvertising present on their pages. These malvertising campaigns tend to promote low-quality products and dodgy or fake services.

Uses Social Engineering Tricks

The Bundesliga-streams.net site, much like many other shady pages, is likely to use a variety of social engineering techniques to manipulate the actions of the user. Among them can be: The users may be asked to download and install a fake codec pack or media player if...

Posted on November 11, 2019 in Browser Hijackers

Sodinokibi Ransomware

Sodinokibi Ransomware is a new malware threat that is gaining traction in cybercriminal circles. Although Sodinokibi operates in the typical ransomware fashion - it infiltrates the victim's computer, uses a strong encryption algorithm to encrypt the files, and demands a payment for their restoration - analyzing its underlying code reveals that it is an entirely new malware strain and not an updated variant of an already existing ransomware.

Zero-Day Exploit Facilitates First Sodinokibi Attack

Sodinokibi was first detected on April 25 when it was used in an attack that exploited a zero-day Oracle WebLogic Server vulnerability. The severity of the zero-day exploit could not be overstated, as it allowed the remote execution of code without any of the otherwise required authentication credentials. Oracle issued a patch on April 26,...

Posted on May 1, 2019 in Ransomware

More Articles

Cdorked

The Cdorked threat is designed to target Linux systems only. Cybersecurity analysts first discovered this backdoor Trojan about seven years ago. After looking into the activity of this threat, it would appear that the most dynamic period for the Cdorked Trojan was in 2013 when it was spotted on several hundred Web servers. All the compromised Web servers were designed to redirect users to corrupted pages that were meant to distribute various malware types. The main advantage of the Cdorked Trojan is that it operates very silently. The creators of the Cdorked backdoor Trojan have made sure that this threat operates almost filelessly. This means that the majority of its files and settings are stored in the system’s memory. However, malware researchers have identified one file that is certainly affiliated with the Cdorked campaign –...

Posted on February 21, 2020 in Backdoors

Ebury

The Ebury Trojan is a threat that is crafted specifically to exploit the OpenSSH application. This is achieved by employing a certain patch that is designed to alter the settings and behavior of the application in question. This is a strategy commonly utilized by many backdoor Trojans similar to the Ebury threat. However, the difference, in this case, is that Ebury targets Linux systems only. The end goal of the Ebury backdoor Trojan is to compromise the targeted host and then collect sensitive information like usernames, passwords, etc. All the gathered data will then be swiftly transferred to the C&C (Command & Control) servers of the operators of the Ebury backdoor Trojan. The creators of this nasty threat have used some interesting methods when it comes to collecting data. The Ebury Trojan is capable of detecting failed login...

Posted on February 21, 2020 in Backdoors

ChoiceFinder

The ChoiceFinder application is designed specifically for Mac computers. It is likely that you have come across the ChoiceFinder application while downloading and installing a bundle of freeware applications. Oftentimes, such software bundles contain additional applications that the user never asked for. To convince the user to install such applications, they may be told that it will enhance the stability of their systems or their Web browsing experience. However, this is usually untrue, and this is certainly the case with the ChoiceFinder application. The ChoiceFinder application is likely marketing itself as a useful tool that will help users get more relevant results for their searches online. However, instead of enhancing their search results in any way, the ChoiceFinder application is likely to do exactly the opposite. This...

Posted on February 21, 2020 in Potentially Unwanted Programs

Hilfr.pro

The Hilf.pro site, a bogus page that does not host any valuable content, is likely only to waste its visitors’ time. The Hilf.pro site tricks users into launching the page by claiming to host a video that may appear very engaging. As soon as the user opens the dubious website, they will see a fake video prompt that pretends to be loading the content the visitor wants to view. Unfortunately, that is nothing more than a trick, as the Hilf.pro site does not contain any videos. As the fake video prompt appears to be loading the nonexistent video, the users will be prompted to click on the ‘Allow’ button on their screens. The site claims that unless the visitors comply, they will be unable to view the content. However, clicking the button in question will permit the shady website to display Web browser notifications. This means that users who...

Posted on February 21, 2020 in Browser Hijackers

ProcessFresh

The ProcessFresh application is a tool compatible with computers running OSX. This dubious application may promote itself as an optimization tool that will help you improve the stability of your system, but we can assure you that this is definitely not the case. Malware researchers have identified the ProcessFresh application as adware. This means that users who have happened to install the ProcessFresh application may notice a sudden spike in the number of advertisements displayed on the websites they visit. The ProcessFresh adware is likely to plant various advertisements into the Web pages visited by the user – flashing alerts, banners, annoying notifications, hyperlinks in text, pop-up windows, etc. You can imagine that viewing a large amount of unwanted and often irrelevant advertisements every time you open your Web browser can...

Posted on February 21, 2020 in Potentially Unwanted Programs

Sisewepod.com

Users who tend to browse shady websites often (adult entertainment sites, gambling platforms, illicit streaming pages, etc.) are more likely to stumble upon the Sisewepod.com site. This website is nothing more than a fake page that is designed to mislead users into allowing it to display Web browser notifications. The Sisewepod.com website is likely to claim to host very engaging content, like an interesting video or a gallery of images, to attract users’ attention. Unfortunately, this is definitely not the case. The Sisewepod.com site will ask the users to click on the ‘Allow’ button if they want to proceed and view the content they were promised. Following the instructions of the dodgy Sisewepod.com site will not provide you with access to any interesting or meaningful content; instead, it will allow this page to send you...

Posted on February 21, 2020 in Browser Hijackers

Clickkmobi.com

The Clickkmobi.com site is an untrustworthy website that may appear to host various giveaways or engaging content. However, this is most definitely not true, as there is no meaningful content hosted on this website, and any giveaways and raffles affiliated with the Clickkmobi.com page may be fake. The creators of the Clickkmobi.com website have built it with one goal in mind – to hijack their visitors’ Web browser notifications. This is the so-called ‘Click ALLOW to Continue’ tactic used by numerous shady websites online. As soon as the Clickkmobi.com website is launched, it will request that the users click on the ‘Allow’ button spawned on their screen. If the user complies and clicks on the button, the Clickkmobi.com website will receive permission to exhibit notifications in the user’s Web browser. This may not seem something that you...

Posted on February 21, 2020 in Browser Hijackers

Extrabuttons.pw

The Extrabuttons.pw site is yet another bogus website designed to mislead users into granting it permission to display Web browser notifications. This is a trick commonly utilized by the operators of countless fake sites like the Extrabuttons.pw page. Upon launching the Extrabuttons.pw site, visitors will be asked to click on the ‘Allow’ button displayed on the page. Sometimes, sites like the Extrabuttons.pw would claim to host interesting content that can only be viewed if the user complies with the requests of the page. However, the Extrabuttons.pw site does not host any content that is worth your time – there are no videos, images or articles hosted on this site. The Extrabuttons.pw site exists only for the purpose of hijacking your Web browser notifications. As soon as the Extrabuttons.pw gets permission to send users push-notifications via...

Posted on February 21, 2020 in Browser Hijackers

Goldencpi.com

The Goldencpi.com website is a dubious page whose operators generate revenue by bombarding their users with countless unwanted advertisements. The Goldencpi.com site would pretend to host content that may be of interest to users to get them to launch the page. The Goldencpi.com website employs the ‘Click ALLOW to Continue’ tactic to mislead users into granting it permissions to send them push-notifications via their Web browser. The Goldencpi.com site would likely state that the users will be unable to view the content on the site unless they follow the instructions the page provides them with. This means that the users will be asked to click on the ‘Allow’ button on their screens supposedly to get access to the content in question. However, there is no content to be viewed on this bogus page, and if you click on the button, you will allow this fake...

Posted on February 21, 2020 in Browser Hijackers

VSearch

The VSearch application is adware designed for Mac computers. Many Apple users still rely on the false notion that Mac computers are impenetrable, and no cyber threat can compromise them. This is certainly not the case, and this line of thinking has put numerous Mac users’ systems in danger. Each year there is an increasing number of malicious applications, PUPs (Potentially Unwanted Programs), and adware designed to specifically target Mac systems. Among the most recently reported cases of a dubious application targeting OSX systems is the VSearch adware app. The VSearch adware is likely promoted as a genuine, useful tool that will help users optimize their search results. This is definitely not the case. It is also likely that the VSearch adware may be installed alongside a bundle of other freeware applications. Often, the...

Posted on February 20, 2020 in Adware

OperatorMac

The OperatorMac is an adware family that goes after Mac systems only. Thankfully, the OperatorMac application is not affiliated with the distribution of malicious software or any harmful scams. If you have adware installed on your computer, you are likely to notice an increase in the advertisements displayed on the websites you visit. The ads linked to the activity of various types of adware may come in all shapes and forms. The OperatorMac adware may present its users with highlighted text, a variety of banners, random hyperlinks, pop-up windows, flashy alerts, etc. This can end up significantly diminishing your Web browsing quality. Applications like the OperatorMac adware may promote dodgy products that users should avoid – fake raffles, dubious gambling platforms, bogus dating websites, adult entertainment streaming sites, etc. It...

Posted on February 20, 2020 in Adware

MacBooster

The MacBooster application is a dubious optimization tool that is compatible with computers running OSX. The MacBooster tool promotes itself as an optimization application that is capable of significantly boosting the performance of your Mac – free disk space, fix bugs, etc. However, this is not the case. The MacBooster application does not mention that a user who installs the free version of the tool will only be able to use it to scan their computer. The MacBooster tool’s scan will deliver a report to the user, which will provide them with various recommendations on how to improve the stability of their system. However, if you want to use the MacBooster tool to apply the recommended optimizations, you will have to pay for the full version of this application. What makes the MacBooster application shady is that it is known to...

Posted on February 20, 2020 in Potentially Unwanted Programs

CallMe

The CallMe application is a backdoor Trojan that is compatible only with Mac computers. Malware researchers first spotted the CallMe Trojan seven years ago. Thankfully, the CallMe Trojan has not been very active in the past few years, which may mean that its creators may have abandoned the project. The CallMe backdoor Trojan is not an overly complex threat. This Trojan is able to run shell commands on the infected machine and to steal information from the contacts list of the victim. At first, this may seem like a redundant feature, but the CallMe Trojan was employed in an attack targeting Tibetan activists. As soon as the CallMe Trojan was able to compromise their systems, the threat could steal the names of the individuals in their contacts list and therefore reveal personal information about them. This helped the attackers reveal...

Posted on February 20, 2020 in Backdoors

XcodeGhost

Apple has published its own official IDE (Integrated Development Environment), which is called Xcode. The Xcode IDE serves to help application developers in building software and testing it efficiently. It is an all-encompassing tool that is being used by countless software developers worldwide. However, cyber crooks have seen an opportunity to use this tool to their advantage. Thus, cybercriminals built the XcodeGhost – a malicious copy of the original Xcode IDE. The XcodeGhost IDE is not being propagated via Apple’s official stores or sites. This malicious IDE was uploaded by its creators on the popular Chinese website Baidu. This is how the XcodeGhost IDE ended up on the systems of a large number of Chinese developers. Unlike most malicious applications, the XcodeGhost malware does not seek to wreak havoc on the host or even steal...

Posted on February 20, 2020 in Malware

LaoShu

The LaoShu threat is a piece of malware designed to target Mac systems exclusively. The goal behind the LaoShu is to collect sensitive data from the compromised hosts. The LaoShu Trojan is being propagated via emails that tend to contain an infected PDF file. In the latest campaign involving the LaoShu Trojan, the attackers appear to have chosen to mask the fake emails as legitimate messages sent by well-known delivery companies. The emails would state that the user has a package that they have not picked up and that the attached PDF file contains more information regarding the issue. In some cases, instead of a PDF file, the email would contain a ZIP attachment, which carries a PDF file. Some users report that the fraudulent email redirected them to a website that appeared to be the official page of the courier company in question....

Posted on February 20, 2020 in Malware