Official Monero Site Hacked to Distribute Cryptocurrency Stealing Malware

What an irony — someone hacked the official website of the Monero cryptocurrency project and quietly replaced legitimate Linux and Windows binaries available for download with malicious versions designed to steal funds from users’ wallets. The latest supply-chain cyberattack was revealed on Monday after a Monero user spotted that the cryptographic hash for binaries he downloaded from…

Read More

Malware Meets Politics With Trump and Clinton Themed Infections

Just as people express their political views through art, malware developers express their political ideologies, hopes, and frustrations through the computer infections they create. While investigating a recent malspam campaign, the Cisco Talos Group noticed that the payload was named Trump.exe. Noticing the politically themed name, Talos began researching other malicious programs that contained political…

Read More

Office 365 to Prevent Malicious Docs From Infecting Windows

Microsoft Office 365 ProPlus is getting a new feature called Application Guard that will allow users to open attachments in a virtualized container to protect Windows from malicious macros and exploits. Microsoft Edge for Windows 10 includes a feature called Windows Defender Application Guard that allows you to launch a browser tab into a special…

Read More

Windows BlueKeep RDP Attacks Are Here, Infecting with Miners

The BlueKeep remote code execution vulnerability in the Windows Remote Desktop Services is currently exploited in the wild. Vulnerable machines exposed to the web are apparently compromised for cryptocurrency mining purposes. The attempts have been recorded by honeypots that expose only port 3389, specific for remote assistance connections via the Remote Desktop Protocol (RDP). Attacks…

Read More

QSnatch: miles de dispositivos NAS de QNAP infectados

Miles de dispositivos NAS (Network Attached Storage o Almacenamiento conectado a la red, en español) del proveedor taiwanés QNAP se han visto afectados por una nueva variedad de malware llamada QSnatch. Esta es la cuarta cepa de malware detectada este año que se ha dirigido a dispositivos NAS, siguiendo los pasos del ransomware que afectó a los dispositivos…

Read More

Android bug lets hackers plant malware via NFC beaming

All Android 8 (Oreo) or later devices are impacted. Google released a patch last month, in October 2019. Google patched last month an Android bug that can let hackers spread malware to a nearby phone via a little-known Android OS feature called NFC beaming. NFC beaming works via an internal Android OS service known as Android Beam.…

Read More

GandCrab RaaS Was a Training Ground for Malware Distributors

GandCrab operators changed the ransomware business from the ground up, establishing a model that is embraced and continued by other cybercriminals. Instead of keeping the operation private, limited to a small circle of experienced cybercriminals, they opened the doors to newcomers, advertised, built a relationship with customers and affiliates, and communicated with victims and researchers…

Read More

Almost 50% of Company Network Traffic Comes From Bots!

Network traffic in companies is generated by bots almost as much as by humans, shows a recent study. As bots become more sophisticated, they bypass the security challenges in place. While there are good bots, the bad ones are present in larger numbers and they can impact overall performance and metrics as well as security.…

Read More

Most malspam contains a malicious URL these days, not file attachments

Proofpoint: 85% of all malicious email spam sent in Q2 2019 contained a link to download a malicious file. Most malicious email spam (malspam) sent in the first half of the year has contained links to malicious files, rather than file attachments, according to telemetry gathered by cyber-security firm Proofpoint More precisely, 85% of all…

Read More

Lista de precios ¿Cuánto paga el ciberdelito y cuánto vale tu información?

La incidencia del delito cibernético continúa aumentando, en parte, debido a la fácil disponibilidad de herramientas y servicios de hacking de bajo costo en el mercado negro. Durante esta entrada te mostraremos una lista de precios de ligadas a servicios y filtraciones de cuentas que se pueden encontrar en el mercado de la ciberdelincuencia.

Read More