Category: Security News

Today, the two Japanese defense contractors -Pasco Corporation and Kobe Steel disclosed the security breaches happened in the May 2018 and in June 2015/August 2016. The geospatial provider and major steel provider also confirm about this authorized access to the internal network and infect the systems in it with malware during the two incidents. Pasco is a provider of satellite data and Kobe is the supplier of submarines parts for the Japan Self defense forces. As per Pasco, the breach did not lead to the leakage of any defense information. However, the kobe’s statement did not mention anything on it. But, as per Nikkei reports, 250 files with data related to Ministry of Defense and personal info were compromised due to the company’s server hacked. Japanese Defense Minister, in a press conference on January 31 said, the two companies are the last of the four defense related firms hacked between Read more

In December 19, 2019, Wawa, a company from East Coast of the US, announced about data breach on their retail giant shop. The company believed that the breach was a result of being infected with point of sale POS malware. This is the same malware that led Visa to warn fuel stations throughout North America and the pumps and devices attached being the target of Cybercriminal organizations. POS malware is especially designed to steal credit and debit card details from point of sale devices to process card payments. It encrypts the data of the card on payment devices before sending for the approval to bank network. The encryption occurs inside the RAM of the device which allows the malware to scrap the hardware and steal the card details. The command and control server of hackers’ control then connect to the device and receive the information. Returning to the Wawa incident, Read more

The last update for the Windows 7 OS has damaged some of the desktop wallpaper features and caused user’s backgrounds to become a blank black screen. Windows 7 reached its end of life on January 14th 2020, which means there will be no more fault fixes or free security updates after that date. Microsoft released the final free Monthly Rollup on the same day, KB4534310 that includes the last quality updates and free security updates for Windows 7 users. According to multiple reports in the Microsoft Forums, people have got to know that after installing the Windows 7 KB4534310 and rebooting the PC, their desktop wallpaper would no longer be displayed. Security team as capable of reproducing this issue and when using any other image position, the wallpaper properly displays. Once you configure it to use ‘Stretch’ and restart, the image will be black. In the tests, the WallpaperStyle Registry Read more

Researchers from SophosLabs discovered that Fleeceware app overcharges users for providing its services when the short trial period got expired even if the app is uninstalled. The Fleeceware phenomenon was discovered on September last. Google took down this app due to such unfair practices. But, security experts found more culprits and the number of installers of the app exceeds 600 million. Users lose their hundred of dollars The trial period of Fleeceware app operated on opt-out basis, which means users who signed up to the apps had to cancel the trial before they get charged. The users who acquired the trial-based application and soon uninstalled the apps from their device do not get charged as developers assume that the product does not satisfy the customer.  However, some developers did not play all that fair and they charged users even if they uninstall the apps from their phones or tablets. “As Read more

Users are redirected to fake Amazon support sites and tech support scams because a malicious ad campaign is underway in Google Search results. When a person clicks on the ad, he will be rerouted to a domain that tries to portray Amazon and includes a phone number to call to acquire help. This number is 1-844-325-7794, which is different from the legitimate Amazon support number of 1 (888) 280-4331. In addition to Amazon support scams, other ads revealed by the investigator were for the search keywords “my account” and “login” that lead to a number of different tech support scams like the one below. Thousands of users look at these ads and wonder how anyone could fall for them. The truth is that there are many people, particularly older people, who are not comfortable with computers, the Internet, and receiving support via online chat and email. These types of users Read more

After intervention integrated by the International Criminal Police Organization (INTERPOL), the number of routers infected with coin miners in Southeast Asia dropped by 78%. INTERPOL is an inter-governmental organization that joins police forces from 194 countries in battling crime in multiple locations across the world. INTERPOL’s operation in Southeast Asia was established in June of 2019 and permits investigators and experts from 10 Southeast Asian countries to observe compromised routers. This led to repairing infected devices and removing coin miners. When the initiative got down, INTERPOL perceived over 20,000 hacked routers in the area, which accounted for over 18% of cryptojacking infections worldwide. Since the integrated operation began, the number of devices infected has dramatically decreased. However, INTERPOL’s efforts to remove the infections from leftover devices will continue into the New Year as cryptojacking continues to jeopardize safety. INTERPOL’s Operation Goldfish Alpha established in June 2019 permited cybercrime researcher and Read more

Zeppelin ransomware is a new dangerous file-encoding malware that has been found to be infecting large healthcare and technology organizations worldwide. Victims of this deadly crypto-threat are largely from USA, Canada and Europe. Reports from Cylance researchers suggest that this virus is known to be Delphi-based RaaS and belongs to the family of Vega/Vegalocker ransomware. The initial Vegalocker threats were spotted at the beginning of 2019 attacking Russian speaking users. Within a period of only a bit over a month, Zeppelin ransomware was modified so much and enhanced upon Vegalocker. According to the security researchers, there might be a different hacker group spreading it altogether. Malware analysis displayed that it is developed to prevent its execution if it infiltrates your PC that is situated in Russia or other countries that fall under USSR block in the past. In a stark opposition to the Vega campaign, all Zeppelin binaries (as well Read more