Top Security News

Beware of Michael Jackson One Year Death Anniversary Spam Email

To celebrate the life and legacy of one of the greatest entertainers of our time, fans around the world will once again be searching for their favorite Michael Jackson song and paying tribute to the King of Pop as we approach his one-year death anniversary. After the death of Michael Jackson on...

Warning: Menacing BlackHole Exploit Kit Targeting Windows PCs Now Available to Hackers for Free

Christmas has come early for novice hackers and criminals looking to get their share of the scam operatives flooding the Internet after someone publicly set free not one but two dangerous malware tools in just under 30 days. Once available as a password protected archive, the Zeus malware kit and...

Hackers Attack Citibank Pilfering over 200,000 Credit Card Customers' Personal Data

While more news on Rep. Anthony Weiner's (D-N.Y.) online sex scandal continues to appear, another hacking incident occurs, this time hackers broke into Citibank's computers stealing account numbers, names and contact information. Citibank, one of the biggest 4 banks in the USA, discovered a data...

Top Articles

RobinHood Ransomware

The RobinHood Ransomware (RobbinHood Ransomware or RobbinHood File Extension Ransomware) is a ransomware Trojan that is used to harass computer users under the pretext of raising awareness and funds for the people of Yemen. In fact, there is no evidence to support the theory that the creators of the RobinHood Ransomware have altruistic motives. It is likelier that the con artists are using the RobinHood Ransomware to profit in the same way that the creators of most encryption ransomware Trojans act today. However, the ransom demand in the case of the RobinHood Ransomware is extremely elevated, making it very unlikely that any individual PC users will pay the RobinHood Ransomware ransom in case of an attack. Take preventive measures against ransomware Trojans like the RobinHood Ransomware, which are becoming increasingly common. Yemen...

Posted on August 4, 2017 in Ransomware

WannaCryptor or WanaCrypt0r Ransomware

The WanaCrypt0r Ransomware is an encryption Trojan that features a worm-like attack tactic. The WanaCrypt0r Ransomware is recognized as one of the most threatening and widespread encryption Trojans up until May 12th, 2017. The WanaCrypt0r Ransomware managed to compromise hundreds of thousands of systems across one hundred and forty countries on its first release to the real world. The brunt of the attack was taken by PC users in Russia and the National Healthcare System in Great Britain. The Trojan managed to block access to most of the computers connected to the National Healthcare System, and nearly 70% of the cases that involve the WanaCrypt0r Ransomware are recorded in Russia....

Posted on March 29, 2017 in Ransomware

Ryuk Ransomware

The Ryuk Ransomware is a data encryption Trojan that was identified on August 13th, 2018. It appears that private companies and healthcare institutions have been compromised with the Ryuk Ransomware. Threat actors were reported to have infected organizations in the USA and Germany. Initial analysis suggests the threat was injected in systems through compromised RDP accounts, but it is possible that there is a parallel spam campaign that carries the threat payload as macro-enabled DOCX and PDF files.

General Facts and Attribution

Ryuk Ransomware appeared in the middle of August 2018 with several well-planned targeted attacks against major organizations worldwide, encrypting data on infected PCs and networks and demanding the payment of a ransom in exchange for a decryptor tool. Ryuk does not demonstrate extremely advanced technical skills,...

Posted on August 23, 2018 in Ransomware

More Articles

Titanium

The Platinum APT (Advanced Persistent Threat) has remained active ever since it was first spotted back in 2009. The hacking group appears to operate mainly in the Asia-Pacific region, and it seems to target political organizations and high-ranking officials in the area. This is why cybersecurity researchers believe that a government in the region may be funding the operations of the Platinum APT, although this remains speculation at this moment.

Makes Sure to Remain under the Radar of Security Tools

The Platinum hacking group has recently released a new tool named Titanium. The Titanium malware is a complex backdoor Trojan, which has a long list of capabilities. The Titanium Trojan’s self-preservation capabilities are impressive as this threat can detect malware debugging environments, anti-malware tools, and various security...

Posted on November 11, 2019 in Backdoors

NACHOCHEESE

The most notorious hacking group originating from North Korea is called APT38 (Advanced Persistent Threat). They are also known under the alias Lazarus and have been active for quite a while. The APT38 hacking group is known to be working for the North Korean government, and their efforts are concentrated on furthering North Korean interests globally. Most hacking groups who are hired by governments tend to operate in a rather conservative manner and make sure they do not cause unnecessary harm to the target’s system. However, the APT38 group takes no interest in such precautions and can sometimes fully destroy an infiltrated system, which is not of importance to it. Some of the members of the APT38 are even wanted by the United States’ FBI.

Takes over the Command-Line of the System

The NACHOCHEESE threat is a part of the APT38’s...

Posted on November 11, 2019 in Malware

Bundesliga-streams.net

The Bundesliga-streams.net website does not host any unsafe content, but it is a shady page that should be avoided. Users who come across the Bundesliga-streams.net page were likely looking for illicit streams of football (soccer) games from the German football league called the Bundesliga. We recommend that you do not visit websites like the Bundesliga-streams.net as they are hosting illicit content and often have malvertising present on their page. These malvertising campaigns tend to promote low-quality products and dodgy or fake services.

Uses Social Engineering Tricks

The Bundesliga-streams.net site, much like many other shady pages, is likely to use a variety of social engineering techniques to manipulate the actions of the user. Among them can be: The users may be asked to download and install a fake codec pack or media player if...

Posted on November 11, 2019 in Browser Hijackers

Nvram Ransomware

The Nvram Ransomware is a newly uncovered file-encrypting Trojan. Upon spotting this brand-new ransomware threat, malware researchers dissected it only to find that this is yet another variant of the popular Dharma Ransomware. The Dharma Ransomware family has been very active in 2019, and it would seem that cyber crooks continue to make new copies of this notorious data-locking Trojan.

Propagation and Encryption

The propagation methods used in the Nvram Ransomware campaign are not yet known. However, some malware researchers speculate that the authors of the Nvram Ransomware may be utilizing spam emails containing corrupted attachments, bogus application updates, and fake pirated copies of popular software tools. The Nvram Ransomware targets file types that are likely to be present on any regular user’s computer, such as .mp3, .mp4,...

Posted on November 11, 2019 in Ransomware

Deal Ransomware

Cybersecurity researchers keep spotting more and more ransomware threats lurking on the Web. Among the most recent data-locking Trojans is the Deal Ransomware. When experts studied this threat, it quickly became evident that this is another variant of the infamous Phobos Ransomware. Ransomware threats are seen as a relatively safe method of generating some quick cash on the backs of innocent users, and it is likely that this trend will not die out any time soon.

Propagation and Encryption

It has not yet been divulged what the infection vectors utilized in the spreading of the Deal Ransomware are. Some suppose that the attackers may be using spam emails to propagate this Trojan. Such emails often contain a corrupted attachment, which, once opened, would hijack the targeted system. To induce the user to launch the attached files, the...

Posted on November 11, 2019 in Ransomware

AIR Ransomware

The AIR Ransomware is a brand-new ransomware threat that emerged at the beginning of November. Once malware experts spotted the harmful activity of the AIR Ransomware, they studied the threat and found that it is a variant of the Major Ransomware. Many cyber crooks base their file-locking Trojans on already established ransomware threats, as this is much less time-consuming than building a threat from scratch.

Propagation and Encryption

The propagation method used in the spreading of the AIR Ransomware is not known yet. Often, cybercriminals utilize spam email campaigns, bogus application updates, fake pirated variants of popular software tools, and torrent trackers, among many other propagation methods. The AIR Ransomware goes after a large variety of file types. Threats of this class make sure to cause as much damage as possible,...

Posted on November 8, 2019 in Ransomware

Rooster865qq Ransomware

More and more file-encryption Trojans pop up daily, and malware researchers are struggling to keep up with the pace. They try to combat ransomware threats by developing free decryption tools that they release to the public in an attempt to help potential victims. However, ransomware threats are perceived as a way to make some quick money with a relatively low chance of facing any consequences, so cybercriminals keep developing and distributing these nasty Trojans. Among the newest threats of this type is the Rooster865qq Ransomware. When researchers studied this threat, they found that the Rooster865qq Ransomware is a variant of the Maoloa Ransomware.

Propagation and Encryption

It is not known with certainty what infection vector is involved in the spreading of the Rooster865qq Ransomware. Some experts believe that the authors of...

Posted on November 8, 2019 in Ransomware

Lokf Ransomware

Ransomware threats are among the most profitable malware out there. An increasing number of cyber crooks try their luck with building and propagating threats of this type, and some of them manage to generate a significant amount of revenue. At the beginning of November, malware experts spotted a new ransomware threat dubbed Lokf Ransomware. Upon dissecting it, they found that it belongs to the STOP Ransomware family – the most active ransomware family in all of 2019.

Propagation and Encryption

Cybersecurity researchers have not yet concluded how the Lokf Ransomware is being distributed. It is being speculated that the attackers likely rely on mass spam email campaigns. Usually, the emails would contain a message riddled with social engineering tricks that aim to get the user to launch the attached file by making it seem important yet...

Posted on November 8, 2019 in Ransomware

Rednews7.com

Rednews7.com is a dodgy website that should be avoided. However, there have been recent reports on the activity of the Rednews7.com, and it has been determined that users may come across this Web page if there is adware present on their systems. Another way of stumbling upon this dubious website is if one browses other shady pages regularly as some Web pages are known to work with dodgy advertising networks. All the content of the Rednews7.com page is spread among sub-pages leaving its main page lacking any real content. Once you are on the Rednews7.com, you will come across bogus media players and constant pop-up advertisements, which will urge you to allow this shady website to present you with notifications within your browser. Many dodgy websites like the Rednews7.com utilize this technique, as this will allow them to spam the user...

Posted on November 8, 2019 in Browser Hijackers

Cnewvi.com

The Cnewvi.com website is among countless dodgy Web pages on the Internet that try to trick users into allowing them to display notifications. Not all pages that ask to be permitted to show notifications are dubious, however. Browser notifications from legitimate websites can keep you updated on breaking news, show you new bargains, or notify you when your favorite streamers are live. However, this is not the case with the Cnewvi.com Web page. The creators of this page have made sure it is compatible not only with the desktop but also with mobile devices, thus significantly increasing their reach. The Cnewvi.com site does not host any content that can be classified as threatening, but it can nonetheless be quite the irritant.

Uses Social Engineering Tricks

Since not many users will allow just any site to display notifications in...

Posted on November 8, 2019 in Browser Hijackers

Guildma

The Guildma malware’s activity was first spotted back in 2015. This threat is a spyware toolkit, which is very well crafted. At first, the authors of the Guildma toolkit concentrated their operations in Brazil only. However, at some point, the creators of the Guildma malware decided to launch more ambitious campaigns going after targets worldwide. The threat was programmed to only function with Brazilian banking institutions, but its creators have since decided to expand their reach, and 130 more banking portals worldwide were added to the Guildma malware’s target list.

Propagation Method

The Guildma threat appears to be distributed mostly via spearphishing campaigns. The attackers would use a PHP script to automate the distribution of mass spam emails to a long list of email addresses. The authors of the Guildma malware seem to be...

Posted on November 7, 2019 in Trojans

Mailto Ransomware

Ransomware threats continue to be one of the most preferred methods of tricking people out of their money online. Almost anyone can build a data-locking Trojan and use it to extort people. This is because there are numerous ransomware building kits available online for free. Among the newest uncovered threats of this type is the Mailto Ransomware.

Propagation and Encryption

The infection vectors used by the perpetrators of the Mailto Ransomware are not known. Some malware researchers believe that the attackers may be utilizing fake pirated copies of popular applications, bogus software updates, and torrent trackers to spread the Mailto Ransomware. However, the most common method of distribution of this threat is certainly spam emails. These emails would contain a fraudulent message urging the user to open the corrupted attached file....

Posted on November 7, 2019 in Ransomware

Mosk Ransomware

The Mosk Ransomware is one of the newest ransomware threats that have emerged on the Web. Much like other threats of this type, the Mosk Ransomware targets a user’s files, encrypts them, and then blackmails the victim into paying them cash. Upon studying this new ransomware threat, malware experts uncovered that it belongs to the infamous STOP Ransomware family. This ransomware family has, undoubtedly, been the most active one in the whole of 2019.

Propagation and Encryption

It has not yet been disclosed how the attackers are propagating the Mosk Ransomware. It is likely that the authors of this threat are utilizing mass spam email campaigns, fraudulent software updates, and bogus pirated variants of popular applications as infection vectors for distributing the Mosk Ransomware. Once a system is compromised by this file-locking Trojan,...

Posted on November 7, 2019 in Ransomware

'corpseworm@protonmail.com' Ransomware

There are new ransomware threats uncovered by experts daily, and the trend does not seem to be dying down. An increasing number of cyber crooks are trying their luck with the creation and distribution of file-locking Trojans, as this can be an easy way to make some cash. Among the newest spotted ransomware threats is the 'corpseworm@protonmail.com' Ransomware. This ransomware threat is a new copy of the Cryakl Ransomware.

Propagation and Encryption

The exact propagation methods involved in the spreading of the 'corpseworm@protonmail.com' Ransomware are not known, but some believe that spam emails may be the infection vector responsible. These mass spam email campaigns usually involve a fake message attempting to convince the user to open a corrupted attached file. If the users fall for this and launch the...

Posted on November 7, 2019 in Ransomware

Capesand Exploit Kit

Malware researchers have spotted a new EK (Exploit Kit) circulating on the Internet. Its name is the Capesand Exploit Kit, and it was first uncovered in October 2019. After studying the Capesand Exploit Kit, cybersecurity experts believe that the creators of this EK likely lack experience, as most of the code appears to be borrowed from already existing hacking tools whose code is available publicly. The Capesand Exploit Kit is a project in progress as it would seem that its creators have not yet finished developing it. Among the people who are utilizing the Capesand Exploit Kit is a hacking group that is known to have used the RIG Exploit Kit previously. It is likely that they have decided to switch to the Capesand Exploit Kit as it is brand-new, and its developers are launching updates constantly. The creators of the Capesand Exploit Kit...

Posted on November 6, 2019 in Malware