Malware and Vulnerabilities

Malicious Payload “Hworm” Dropped Via Embedded YouTube Videos

Hworm is a piece of malware that uses its backdoor to carry out multiple attacks: it can steal passwords, log keystrokes, kill running processes, and capture the screen. It was initially identified in June 2016, and researchers have continued to observe it as new samples emerged. According to research by Palo Alto, the group of samples has common delivery mechanisms, as it...

Trend Micro Discloses State of Human Machine Interface Vulnerabilities

Supervisory Control and Data Acquisition (SCADA) systems are a core element of modern infrastructure and, like all forms of technology, are at risk from security vulnerabilities. According to a report from Trend Micro's Zero Day Initiative (ZDI), there were more than 250 security vulnerabilities reported in SCADA Human Machine Interfaces (HMI) from 2015 to 2016. HMIs provide the link between SCADA...

  • More at eWEEK

What is Operation Cobalt Kitty? OceanLotus Group's Inner Workings Disclosed

Researchers uncovered the OceanLotus Group targeting the top management of an Asian firm in a campaign titled "Operation Cobalt Kitty." The group hacked into 40 computers and servers belonging to the company over the course of a year, before the attacks were detected. Researchers noted that the hacker group was highly adaptive and continued to update its attack to avoid security detection. To...

Yara: Used to RickRoll Security Researchers

For most security researchers, Yara, a tool that allows them to create their own set of rules for malware tracking, is an invaluable resource that helps automate many processes. However, despite Yara’s reliability, it shouldn’t be the only tool used to monitor new versions of malware. When a Yara rule is triggered, an alert is created, which prompts the researcher to perform more actions....

Amazon's App Store Endangers Millions of Android Devices

Ask almost any security expert, and they'll tell you switching on "unknown sources" on your Android phone or tablet is one of the worst things you can do for device security. But that's exactly what Amazon has asked its app store customers to do for years. The heart of the problem is Amazon's requirement to allow installations from "unknown sources" -- that is, any app or game that hasn't been...

Houdini Worm Spread by a German Threat Actor on Pastebin

A threat actor from Germany who goes by the handle Vicswors Baghdad appears to be behind the propagation of the Houdini malware on Pastebin sites, as well as actively editing an open source ransomware variant called MoWare H.F.D. According to Recorded Future analyst Daniel Hatheway, there have been three distinct spikes in malicious Visual Basic scripts (VBScript) posted on paste sites, the...

Hackers Updating Malware to 64-Bit Code to Evade Detection

The growing market in systems running 64-bit operating systems is also leading hackers to develop 64-bit malware, according to a new report. In a blog post, Guy Propper, cyber intelligence researcher at Deep Instinct, said that over the past two years many well-known malware families, including ransomware, banking malware and APT campaigns, began using 64-bit variants in addition to 32-bit...

EternalRocks Could Have Been Shut Down Due to Intense Media Coverage

The cybercriminal who developed the EternalRocks SMB worm has reportedly called it quits just a week after reports of the malware first emerged. The hacker has now reportedly shut down his operation and in a message, claimed to have no malicious intentions in developing the worm. On 24 May, Croatian security researcher Miroslav Stampar took to Twitter to report that the EternalRocks command and...

A Bug in Filesystem Hangs or Crashes Windows 7 and Windows 8.1

A bug in Microsoft's NTFS file system technology allows pranksters to hang or crash computers running Windows Vista, Windows 7, and Windows 8.1 just by tricking the user into accessing a malformed path for a non-existent file. The bug was discovered by a Russian system programmer going by the name of Anatolymik. The problem is with the $MFT file, which is the Master File Table, a file found on all...

Thousands of Third-Party Library Flaws Leave Pacemakers to Risk

WhiteScope, a company founded by Billy Rios, one of the first security researchers to analyze medical devices, recently conducted an analysis of the implantable cardiac device ecosystem architecture and implementation interdependencies, with a focus on pacemakers. The analysis covered home monitoring systems, implantable devices and pacemaker programmers of four vendors. Tests conducted on...

How the Stegano Exploit Kit Utilises Malvertising to Spread?

ESET researchers have observed a new attack where 3rd-party ads are used to distribute the Stegano exploit kit. This malvertising campaign has been attributed to the AdGholas group. The Stegano malware uses Internet Explorer and Flash Player vulnerabilities to compromise the security of the endpoint. The malware calls up a JavaScript function that checks the configuration settings on the endpoint...

64-bit Malware Threat May be Small Now, But it's Only Set to Grow

The vast majority (93 per cent) of new computers sold worldwide operate on 64-bit Windows but most nasties were written to infect 32-bit systems, according to a new study by security firm Deep Instinct. Deep Instinct reckons that 64-bit malware still makes up less than 1 per cent of the current threat landscape. But malware variants have recently begun to appear in 64-bit versions so this small...

Domains Tainted by RoughTed Malvertising Receive Half a Billion Hits

A strain of adblocker-aware malvertising is responsible for a range of scams, exploits and general skulduggery. RoughTed can deliver a variety of payloads including exploit kits and malware. Hackers are leveraging fingerprinting and adblocker-bypassing techniques in a bid to ensure that marks are served content from RoughTed-tainted domains. The various nuisances pushed by the campaign also...

Amid Fears, AES-NI Ransomware Developer Releases Decryption Keys

On May 21st, a security researcher, named Thyrex, received a message on a Russian forum that contained a link to a ZIP file that supposedly contained a decryptor for the frogobig777@india.com variant of the AES-NI Ransomware. In conversation with Bleeping Computer, an AES-NI developer admitted that he leaked the keys to Thyrex. According to the AES-NI developer, XData is based on AES-NI...

New “Widia” Ransomware Wants Payment Through Credit Card

New “Widia” Ransomware displays the following ransom note: “Your documents, photos, databases and other important files have been encrypted with the strongest encryption and unique key, generated for this computer. Private decryption key is stored on a secret Internet server and nobody can decrypt your files until you pay and obtain the private key. The server will eliminate the key after a...

Evolution of Dridex

Dridex made its first appearance, under the name “Cridex”, around September 2011. The malware could receive dynamic configuration files, use web injections to steal money, and was able to infect USB media. In 2012, a modified Cridex variant (Cridex 0.77–0.80) was released in which functionality related to infecting USB media was dropped and the binary format of the configuration file and...

Check out the latest updates on internet malware and vulnerabilities.

This category provides expertly curated news on the malware and vulnerabilities discovered daily by expert teams across the globe. It covers all dimensions of malware and vulnerabilities that any security team should be aware of: software vulnerabilities, network vulnerabilities, vulnerable websites, traditional and advanced persistent threats, and malware, including ransomware and hybrid Trojans that can bring down even advanced malware protection systems. The latest information and updates on newly discovered malware and vulnerabilities are indispensable to any security strategy. Timely action that removes backdoors, zero-day vulnerabilities or other loopholes before hackers carry out an attack is of utmost importance to organizational security. Given the changing nature of attacks, news on malware also helps security professionals look out for attack patterns that are not obvious to the normal eye.