WhatsApp Vulnerability Is Used To Deploy Pegasus Spyware

WhatsApp is among those social media application which can be found in everyone phone. But if you are also an user of this app then there is a bad news for you. Recently researchers has detected a serious vulnerability in this software which has been exploited. According to a security report, an Israeli hacker company known as NSO Group. The company is known to develop Pegasus, which is a dangerous spyware capable to jailbreaks infected devices.It is really serious because the spyware is capable to use camera, microphone and to gather sensitive information of the user. The vulnerability is known as CVE-2019-3568, and it was first spotted by Financial Times.

What is CVE-2019-3568 Vulnerability In WhatsApp?

CVE-2019-3568 Vulnerability which is also known as WhatsApp 0-Day flaw is used by attackers to remotely install a data collecting software on some selected Smart phones. In WhatsApp VoIP stack it is also known as buffer overflow which allow hackers to execute remote code via specially designed SRTCP packets series which is sent to the target phone number. Now the question is, which version of WhatsApp is targeted by hackers? Well the security report suggest that vulnerability has allow hackers to target different version of WhatsApp for both the Android and iOS operating system. Here is the list of WhatsApp version which is infected by the Pegasus spyware :

  • WhatsApp for Android prior to v2.19.134,
  • WhatsApp Business for Android prior to v2.19.44,
  • WhatsApp for iOS prior to v2.19.51,
  • WhatsApp Business for iOS prior to v2.19.51,
  • WhatsApp for Windows Phone prior to v2.18.348,
  • WhatsApp for Tizen prior to v2.18.15

Read more

LockerGoga Ransomware Bug Allow To Stop Its Encryption

Recently, LockerGoga has emerged as most disastrous ransomware strain. From last few months, hackers behind this ransomware has used this threat to target high profile companies including Norsk Hydro. Now researchers has bring a good news for us about this dangerous threat. According to researchers the ransomware has a coding error which may help user’s to protect their computer and destroy the ransomware before it encrypt files. The code error or bug is detected by security analyst of a firm known as Alert Logic. Really it is a great discovery because it not only help victims to vaccinate their PC’s but also prevent the ransomware from encrypting files even it attack the system.

Read more

Mirai Botnet Include Several Exploits To Attacks Enterprises

Till now, Mirai Botnet was known for DDoS attacks only but now it has launched a new variant which is designed to target Enterprise device. The main purpose of this latest Mirai IoT Botnet behind targeting embedded device is to get control over the larger bandwidth to execute terrible DDoS attacks. Report reveals that the main author of this malware has been captured by security experts but the malware keep launching variants because its resource code is still available on Internet from 2016. First, Mirai Botnet was only known as Internet of Things (IoT) Botnet which infect security camera, routers, DVRs and similar smart devices, but later it started doing DDoS attacks.

Read more

Belonard Trojan Is Causing Severe Damage To PC

Cyber criminals are using sophisticated technique to fulfill their devil intention. Belonard Trojan is a latest example of their malicious creation which can cause several damage on targeted computer. Cyber crooks are using this trojan as a weapon to target PC user’s all over the world. Similar to any other malicious threat, it is also capable to run different kind of harmful activities in the system but the most scary one is data harvesting. It clearly means that the main motive of offenders is not to damage the computer, their main target is to obtain personal data of victim. The trojan has targeted lots of PC’s and according to researchers, a new version of this threat is on its way.

Read more

CookieMiner Mac Malware Wants Your Cookies & Your Crypto Funds

Recently, the researchers at Palo Alto Networks have discovered a new Mac malware named CookieMiner. In the world of cyber threat, there are numerous Mac malware but CookieMiner has been specifically designed by the group of cyber criminals to steal users cookies, crypto funds and other vita details that stored on Mac system. Upon the depth analysis on its sample, researchers revealed that it mainly intercepts the browser cookies related to the cryptocurrency wallets and exchanges of the wallet service providers.

Read more

The New Ransomware Try To Steal Credentials Of PayPal

Till now ransomware is known for encrypting data and forcing victim to pay ransom. But a new ransomware has been detected by security expert which is designed to steal PayPal credentials. However the ransomware is in development stage but according to report it is very effective. Where other ransomware provides ransom note to victims and want them to complete ransom by paying Bitcoins, this ransomware provide option to complete ransom via PayPal. Such attacks show how the cyber criminals are updating with the changing year. The main motive of this scam is to gain access of user’s login and password for PayPal account and then steal the credentials stored in it.

Read more

Almost 1M Dollar Made By Hackers Using Fake Electrum Update

Hackers always find new illegitimate ways to generate money and recently they targeted Electrum bitcoin wallet to do that. As reported in a security report, hackers has made more than 250 Bitcoin which is equal to about one million dollar. They have earned such a huge amount after the phishing attack on the bitcoin wallet. However, Electrum is considered as a safest bitcoin wallet but it is also targeted by criminals which show how sophisticated they are. The vulnerability of this bitcoin wallet is still unpatched and according to expert the attackers can take up the attack again with the help of a new repository. The clever attack was initiated in such a way that most wallet user’s can’t detect the evil trick.

Read more

Facebook Worm Can Be Created By Exploiting Clickjacking Flaw

Facebook has always been on target by cyber criminals. Specially in the year 2018 this social media platform suffers from several security breaches. Recently a Polish security analyst has reported about Clickjacking bug which can affect the Facebook mobile version sharing dialog feature. However the vulnerability doesn’t affect desktop version of Facebook. According to the researcher’s report, using this vulnerability cyber criminals can develop a nasty Facebook worm. Report further state that the flaw has been abused by the group of hackers in real time attack which distributes spam. The hacker group behind this scam use to post a link on Facebook walls of targeted users. Researcher want that Facebook must take the problems seriously and should fix it immediately.

Read more

Recently Patched CVE-2018-8611 Is Exploited By Cyber Criminals

Cyber criminals are becoming sophisticated and CVE-2018-8611 exploit is a big example of it. A vulnerability in the Windows OS was detected in October 2018 and reported to the Microsoft. Taking action, the giant company fixed this vulnerability immediately but it is again exploited by threat actors. According to a recent security report, the flaw in ntoskrnl.exe is being used in some malicious campaign. Report also reveal that the vulnerability mostly target African and Middle east countries. To gain privileges of CVE-2018-8611 the cyber offenders first infect the targeted computer. Using this security flaw the cyber crooks can get complete remote access over their target and execute every malicious and illegitimate process which they want.

Read more

Black Friday 2018 Tricks Customers To Provide Personal Detail

Cyber crime is on rise and Black Friday 2018 is one of the latest cyber offense. However Black Friday is considered as an opportunity user’s can grab deal but it also give a chance to cyber crooks to steal personal data. According to security report, there are numerous of Black Friday websites and apps are ready to steal collect personal data as well as credit card information of customers. These bogus website and apps attract customers by providing number of interesting deals like limited time offer, minimum price, prize on shopping and more. Many customer can’t ignore these attracting deals and falls victim of such fraud. As published by a security firm, lots of Black Friday apps and websites were found malicious.

Read more

1 2 3 11