Security

boeing-737

A New Boeing 737 Themed Spam Campaign Pushes Malware

A global mail-spamming campaign is taking advantage of people’s fear and curiosity. The messages warn the receptors of imminent airplane crashes through supposed leaks of confidential information. The trick is hidden...
account_sale

Hacker Puts Another Batch of 26 Million Accounts for Sale on the Dark Web

Gnosticplayers puts the fourth batch up for sale on the dark web, with 26 million accounts deriving from six data breaches. Each of the website sub-batch of account credentials is sold for...
gearbest

Gearbest Server Leaking Millions of Highly Critical Customer Data

An unprotected Elasticsearch database belonging to Gearbest is giving malicious actors everything on a plate. From personal identification information to banking data and payment vouchers, there’s nothing that's missing. The vast...
DNS_server

How Malicious Actors Use DNS Tunneling to Exfiltrate Data

Malicious actors infiltrate and exfiltrate data through DNS tunneling and C2 channels. The packets are sent from the malware on the infected system and then stitched together on the server side. ...
cloud_email_IMAP

Legacy IMAP Cloud Email Accounts Under Massive Takeover Attack

Many thousands of cloud email account takeover attempts were detected in the past couple of months. Most of the targeted accounts use the IMAP protocol, resulting in high success rates for the...
Pakistani Government Website Compromised Using ScanBox Keylogger

Pakistani Government Website Compromised Using ScanBox Keylogger

Trustwave’s SpiderLabs Research team identified an instance of the ScanBox keylogger tool on a Pakistani passport application tracking website. Authorities were notified about the breach earlier this month, and the vulnerability has been...
counter_strike

Counter-Strike 1.6 RCE Vulnerabilities Infect Players’ PCs with Trojan

Counter-Strike 1.6 players are becoming part of a vast botnet network, and Valve doesn’t care about the fact. An antivirus product team has discovered the problem and took action to mitigate the...
android_adware

Adware infects 206 Android Apps Downloaded 150 Million Times

Multiple Android app developers were tricked into using a malicious ad-serving SDK. The malware communicates with a C2 server and gets commands on what action to follow. The possible actions include...
glitchpost_interface

A New Iteration of the GlitchPOS Malware is on Sale on Crimeware Forums

The popularity of PoS malware tools that steal credit card information from terminals is on the rise again. Researchers notice that crimeware forums are selling new iterations of previously popular malware tools....
powload_north_america

Powload Still Alive, Powerful, and Continually Evolving

Powload is here to stay, as attackers are continuously putting an effort in its development. From its victim targeting process to its malicious code delivering, everything has grown more targeted and persistent....

Most Popular