The Rubella Macro Builder has recently become popular in Russia. It is a cybercrimeware kit apparently capable of beating a basic antivirus defensive system. FlashPoint researchers first came across the kit in February being rented on a top-tier Russian hacking forum for around $500 per month. The researchers say it has undergone numerous updates, additions […]
Main Content
More News
Rubella Macro Builder Becoming A Major Nuisance
Western Digital My Cloud Leaks File On Local Network
According to researchers at Trustwave, the Western Digital My Cloud EX2 storage devices are leaking files to anyone it shares a local network with by default, regardless of permissions set by users. My Cloud EX2 also leaks files as a result of an HTTP request on port 9000 if it is configured for remote access […]
Authorities Close Down Webstressor.org
‘Operation Power Off’, law enforcement efforts in the U.S., U.K., the Netherlands and elsewhere, have taken down the DDoS-for-hire webstresser.org (previously webstresser.co) website. At its takedown, there were apparently 136,000 registered users who had launched between 4-6 million DDoS attacks worldwide over the past three years. According to Brian Krebs, it was “one of the […]
Drupal Release Patches for Drupalgeddon2 Vulnerability
Drupal has just issued its third flaw fix in a month, supplementing its previous patch for Drupalgeddon 2 with an unscheduled security update. After releasing a patch for a critical vulnerability in late March, Drupal is now having to do it all over again. The most recent Drupal core vulnerability has been titled SA-CORE-2018-004 and assigned […]
Android Trojan Is Targeting Asia Users
Kaspersky Labs has warned of an Android Trojan, dubbed Roaming Mantis, pretending to be a series of popular mobile applications in order to fool victims into installing the Android malware. Its targets are largely Asian users, particularly concentrated in South Korea, China, Bangladesh and Japan. It has been at work over at least the last […]
OceanLotus Uses Malware to Attack MacOS Systems
A new backdoor has been discovered by researchers at Trend Micro, which attacks MacOS systems, and is likely linked to the OceanLotus threat group. The cybersecurity firm, in a recent blog post, said the backdoor it dubbed OSX_OCEANLOTUS.D, targets Apple Mac operating systems that have the Perl programming language installed. The backdoor was uncovered within […]
Hackers Modify Code in AOL Advertising Platform
Trend Micro researchers recently found that hackers had gained entry to, and then modified code, in AOL’s advertising platform to mine Monero cryptocurrency. 500 other websites are also thought to be infected with the same CoinHive cryptocurrency mining script used on the AOL advertising platform. This includes MSN’s Japanese web portal, which was infected by […]
Fake Online Reviews Are Back Up Again
Back in June 2016, KrebsonSecurity wrote an exposé of various fake online reviews and sham websites, which pushed people seeking help for drug and alcohol addiction towards rehab centers that were secretly linked to the Church of Scientology. Krebs broke the story as part of a wider report on fake online reviews, warning people of […]
Drupal Vulnerable to Back Doors
On March 28th, a patch for a vulnerability on Drupal was released to protect the Drupal content management system (Drupal 6, 7 and 8) against the bug that facilitates remote code execution. The Drupal vulnerability was tracked as CVE-2018-7600 and discovered by Jasper Mattson of Druid. Prior to release of the patch, Drupal gave advanced […]
DNS Hijacking Used to Spread Malware
The new Roaming Mantis malware, discovered by Kaspersky Labs, which infiltrates Android smartphones to steal data and take control of devices, is operating via DNS hijacking. DNS hijacking is a kind of attack, which hackers use to redirect user queries to a domain name server (DNS), by overriding a device’s TCP/IP settings. “Basically, DNS is […]
Mirai Botnet Variant Attacking Financial Businesses
Recorded Future, a security company that specializes in machine-based threat intelligence, published information this week about a new IoT botnet, a variant of Mirai, which was the culprit behind a series of DDoS attacks on financial services companies earlier in 2018. After the Mirai source code was released online in October 2016, variants have continued […]
Stresspaint Malware Is Stealing Facebook User Data
Security researchers at Radware have identified a new information stealer called Stresspaint that appears to be looking for Facebook details it gathers from Chrome login dataon infected machines, along with session cookies. In a recently issued alert, Radware has dubbed the new Trojan “Stresspaint”, named after the free Windows application it hides inside, which is […]
Reaper Botnet Attacks Financial Firms
The Reaper botnet, also known as IoTroop, a variant of Mirai, has been linked to a recent spate of DDoS attacks on three financial institutions in the Netherlands. The three DDoS attacks that Reaper likely carried out took place on January 28th, 2018 on three different companies in the financial sector, all thought to be […]
Cisco Bug Leaves 8.5M Switches Vulnerable
A critical vulnerability in many Cisco networking devices has left 8.5M switches vulnerable to exploitation by attackers. The vulnerability could be leveraged by remote, unauthenticated attackers, allowing them to take over vulnerable devices and then execute arbitrary code, trigger a reload of the device, or cause an indefinite loop on the device that triggers a […]
Facebook – “Malicious Actors” Discover Identities on Two Billion Users
On Wednesday, Facebook said that “malicious actors” had taken advantage of search tools on its platform, allowing them to discover the identities of most of its 2 billion users, and collect information about them. The abuse of Facebook’s search tools, now disabled, happened over several years on a widespread basis, with very few of its users […]