Another security vulnerability was detected by cyber security researchers which was affecting cable modems. The vulnerability was first detected by team of Danish security researchers known as Lyrebirds ApS. According to researchers report, cyber criminals was affecting these modems with the help of Broadcom chips. The vulnerability is also known as CVE-2019-19494 which is termed as dubbed cable haunt. Research also reveals that the security flaw has put more than 200 million of cable modems in Europe. Some security analyst also assume that this vulnerability is not limited in Europe and it is getting wider and may put more cable modem at risk of remote hijacking.
Spammer always use latest tricks to trap users and fulfill their malicious intention. Cyber criminals behind Emotet trojan have also joined this list and they are reported to utilize the upcoming Christmas party to spread the spam. They have already targeted many computer and because many PC user’s are unknown with this scam, they easily believe it thinking that it is really a Christmas party invitation. But report suggest that the cyber criminals are utilizing festival occasion to inject Emotet trojan in targeted system to execute their malicious activities. It is really a dangerous trojan which is designed to steal personal data from system and to spread other dangerous malware like cryptominers and ransomware.
Ransomware is like nightmare and no one wants to fall victim of this dangerous threat. Ransomware are those piece of malicious software which is designed to encrypt data stored on the targeted computer. if you own a system, you must have stored lost of important and confidential data on it and you never want to lose access of these data. However the best protection against these threat is to backup your important data on some safe storage device, but nowadays people also practice encryption to protect their data against ransomware.
Cyber criminals continue creating ransomware and updating them to keep their campaign active. LiLocked Ransomware which is also known as Lilu is among those threat which was active from some time but again detected in July with more intensive features. Because of its dangerous features, this threat has become popular among those who want to be a cyber criminal. According to security report, this ransomware has infected thousands of web server. Based on current infection sample, the ransomware is currently targeting file extension like JS, HTML, CSS, SHTML,INI and PHP which is hosted on Linux based web server only. Main reason why cyber crooks rely on these type of ransomware because it provide them an easy way to generate money.
Security researcher keep detecting flaws and vulnerabilities in the system to protect sensitive data. This time researchers have spotted a new type of attack which is used in targeting Intel server-grade CPUs created since 2012. According to the expert report, this attack is based on a vulnerability of Intel processor known as NetCAT (Network Cache Attack). Using this flaw, cyber criminals can attack processor to obtain SSH password and other sensitive data. Really it is a topic of concern because it allow bad actors to collect sensitive data without installing any malicious program on the targeted system. The flaw is also known as CVE-2019-11184 and it reside in optimization feature.
Industry and organization has always been on target of cyber criminals. Latest research report reveal a new term which is used to endanger cyber security and it is known as HVACking. This hacking term is introduced by researcher of a known security firm and it is widely utilized building controller system which is created to manage different system. The systems which comes under HVAC attack include heating, ventilation, air conditioning, alarms, pressure level in the controlled environments. According to report, this dangerous vulnerability is detected under the advisory to track a flaw known as CVE-2019-9569.
Organized cyber attack has emerged as a great threat to computer security and online business world. Godlua Backdoor is a latest attack on cyber security which is capable to attack both Linux and Windows operating system. It is a new backdoor malware which was spotted by security researchers in starting of July 2019. Apart from Linux and Windows, the malware is also capable to invade IoT (Internet-of-Things) devices. It indicate that the creator behind this dangerous threat are trying to target maximum amount of machines. However, at first security researcher consider this threat as a cryptocurrency miner trojan but later they found that the malware is used in a DDoS attack.
Cyber criminals continue advancing their technique to fulfill evil intention. This time they have targeted 12,000 MongoDB databases which is considered to be unsecured. The cyber crooks delete the targeted database completely and then want victims to contact them for further action. This attack is very similar to ransomware attack where it first encrypt files and then want user’s to purchase decryption key to restore files. However the amount of money demanded by cyber extortionist is not known but according to cyber expert, the crooks can demand money in cryptocurrency and the amount of ransom depends on the sensitiveness of the data which is stored in the database.
WhatsApp is among those social media application which can be found in everyone phone. But if you are also an user of this app then there is a bad news for you. Recently researchers has detected a serious vulnerability in this software which has been exploited. According to a security report, an Israeli hacker company known as NSO Group. The company is known to develop Pegasus, which is a dangerous spyware capable to jailbreaks infected devices.It is really serious because the spyware is capable to use camera, microphone and to gather sensitive information of the user. The vulnerability is known as CVE-2019-3568, and it was first spotted by Financial Times.
What is CVE-2019-3568 Vulnerability In WhatsApp?
CVE-2019-3568 Vulnerability which is also known as WhatsApp 0-Day flaw is used by attackers to remotely install a data collecting software on some selected Smart phones. In WhatsApp VoIP stack it is also known as buffer overflow which allow hackers to execute remote code via specially designed SRTCP packets series which is sent to the target phone number. Now the question is, which version of WhatsApp is targeted by hackers? Well the security report suggest that vulnerability has allow hackers to target different version of WhatsApp for both the Android and iOS operating system. Here is the list of WhatsApp version which is infected by the Pegasus spyware :
- WhatsApp for Android prior to v2.19.134,
- WhatsApp Business for Android prior to v2.19.44,
- WhatsApp for iOS prior to v2.19.51,
- WhatsApp Business for iOS prior to v2.19.51,
- WhatsApp for Windows Phone prior to v2.18.348,
- WhatsApp for Tizen prior to v2.18.15
Recently, LockerGoga has emerged as most disastrous ransomware strain. From last few months, hackers behind this ransomware has used this threat to target high profile companies including Norsk Hydro. Now researchers has bring a good news for us about this dangerous threat. According to researchers the ransomware has a coding error which may help user’s to protect their computer and destroy the ransomware before it encrypt files. The code error or bug is detected by security analyst of a firm known as Alert Logic. Really it is a great discovery because it not only help victims to vaccinate their PC’s but also prevent the ransomware from encrypting files even it attack the system.