Cyber criminals continue to create ransomware and update it to keep their campaigns active. LiLocked ransomware, also known as Lilu, is one such threat: it had been active for some time but was detected again in July with more intensive features. Because of its dangerous features, this threat has become popular among those who want to become cyber criminals. According to a security report, this ransomware has infected thousands of web servers. Based on current infection samples, the ransomware targets files with extensions such as JS, HTML, CSS, SHTML, INI and PHP that are hosted on Linux-based web servers only. The main reason cyber crooks rely on this type of ransomware is that it gives them an easy way to generate money.
Security researchers keep detecting flaws and vulnerabilities in systems to protect sensitive data. This time, researchers have spotted a new type of attack that targets Intel server-grade CPUs created since 2012. According to the expert report, this attack is based on a vulnerability of Intel processors known as NetCAT (Network Cache Attack). Using this flaw, cyber criminals can attack the processor to obtain SSH passwords and other sensitive data. It is a real cause for concern because it allows bad actors to collect sensitive data without installing any malicious program on the targeted system. The flaw is also known as CVE-2019-11184, and it resides in an optimization feature.
Industries and organizations have always been targets of cyber criminals. A recent research report reveals a new term for a threat to cyber security, known as HVACking. The term was introduced by researchers at a known security firm, and it relates to a widely used building controller system that is designed to manage different systems. The systems that come under HVAC attack include heating, ventilation, air conditioning, alarms and pressure levels in controlled environments. According to the report, this dangerous vulnerability is covered by an advisory that tracks the flaw as CVE-2019-9569.
Organized cyber attacks have emerged as a great threat to computer security and the online business world. Godlua Backdoor is a recent threat to cyber security that can attack both Linux and Windows operating systems. It is a new backdoor malware that was spotted by security researchers at the start of July 2019. Apart from Linux and Windows, the malware can also invade IoT (Internet-of-Things) devices. This indicates that the creators behind this dangerous threat are trying to target the maximum number of machines. At first, security researchers considered this threat a cryptocurrency miner trojan, but later they found that the malware is used in a DDoS attack.
Cyber criminals continue to advance their techniques to fulfill their evil intentions. This time they have targeted 12,000 MongoDB databases that are considered unsecured. The cyber crooks delete the targeted database completely and then want victims to contact them for further action. This attack is very similar to a ransomware attack, which first encrypts files and then wants users to purchase a decryption key to restore them. The amount of money demanded by the cyber extortionists is not known, but according to cyber experts, the crooks can demand money in cryptocurrency, and the ransom amount depends on the sensitivity of the data stored in the database.
WhatsApp is among those social media applications that can be found on everyone's phone. But if you are also a user of this app, there is bad news for you. Recently, researchers have detected a serious vulnerability in this software that has been exploited. According to a security report, an Israeli hacker company known as NSO Group. The company is known for developing Pegasus, a dangerous spyware capable of jailbreaking infected devices. It is really serious because the spyware is capable of using the camera and microphone and of gathering the user's sensitive information. The vulnerability is known as CVE-2019-3568, and it was first spotted by the Financial Times.
What Is the CVE-2019-3568 Vulnerability in WhatsApp?
The CVE-2019-3568 vulnerability, also known as the WhatsApp 0-day flaw, is used by attackers to remotely install data-collecting software on selected smartphones. It is a buffer overflow in the WhatsApp VoIP stack that allows hackers to execute code remotely via a specially crafted series of SRTCP packets sent to the target phone number. Now the question is, which versions of WhatsApp are targeted by hackers? The security report suggests that the vulnerability has allowed hackers to target different versions of WhatsApp for both the Android and iOS operating systems. Here is the list of WhatsApp versions that are infected by the Pegasus spyware:
- WhatsApp for Android prior to v2.19.134,
- WhatsApp Business for Android prior to v2.19.44,
- WhatsApp for iOS prior to v2.19.51,
- WhatsApp Business for iOS prior to v2.19.51,
- WhatsApp for Windows Phone prior to v2.18.348,
- WhatsApp for Tizen prior to v2.18.15
Recently, LockerGoga has emerged as the most disastrous ransomware strain. For the last few months, the hackers behind this ransomware have used it to target high-profile companies including Norsk Hydro. Now researchers have brought good news about this dangerous threat. According to researchers, the ransomware has a coding error that may help users protect their computers and destroy the ransomware before it encrypts files. The coding error, or bug, was detected by security analysts at a firm known as Alert Logic. It is a great discovery because it not only helps victims vaccinate their PCs but also prevents the ransomware from encrypting files even if it attacks the system.
Until now, the Mirai botnet was known only for DDoS attacks, but it has now launched a new variant designed to target enterprise devices. The main purpose of this latest Mirai IoT botnet in targeting embedded devices is to gain control of larger bandwidth to execute terrible DDoS attacks. Reports reveal that the main author of this malware has been captured by security experts, but the malware keeps launching variants because its source code has been available on the Internet since 2016. At first, the Mirai botnet was known only as an Internet of Things (IoT) botnet that infects security cameras, routers, DVRs and similar smart devices, but later it started carrying out DDoS attacks.
Cyber criminals are using sophisticated techniques to fulfill their evil intentions. Belonard Trojan is a recent example of their malicious creations, and it can cause serious damage to a targeted computer. Cyber crooks are using this trojan as a weapon to target PC users all over the world. Like any other malicious threat, it can run different kinds of harmful activities on the system, but the scariest one is data harvesting. This clearly means that the main motive of the offenders is not to damage the computer; their main target is to obtain the victim's personal data. The trojan has targeted lots of PCs and, according to researchers, a new version of this threat is on its way.
Recently, researchers at Palo Alto Networks discovered a new Mac malware named CookieMiner. In the world of cyber threats there are numerous Mac malware families, but CookieMiner has been specifically designed by a group of cyber criminals to steal users' cookies, crypto funds and other vital details stored on Mac systems. After in-depth analysis of its sample, researchers revealed that it mainly intercepts browser cookies related to cryptocurrency wallets and the exchanges of wallet service providers.