New Ransomware Variant DoppelPaymer Demanding 100 BTC Ransom

According to report, Cyber security researchers have discovered a new ransomware variant that is known as DoppelPaymer Ransomware. This new Ransomware virus have been working or infecting victims’ devices since mid-June and asked them to pay 100 BTC amount of ransom money or in USD. Furthermore, CrowdStrike has researched that the ransomware has deteted at least eight versions which has powerful data-locking capabilities as well as stealing of data with each successive variant. Let’s take have a look at DoppelPaymer Ransomware in detail. What is DoppelPaymer the Doppelganger Ransomware? DoppelPaymer Ransomware has been discovered by security researchers who states that the ransomware has at least eight version and each variants have extended malware’s capabilities. Moreover, researchers found some similarities when they take its name with another Ransomware i.e., BitPaymer Ransomware. Both the Ransomware variant uses similar source code. Let’s take have a look at statement of CrowdStrike which talks about Read more

Facebook Fined $5 Billion By FTC For Privacy Lapses: largest Penalty Ever

According to report, the popular social media platform Facebook has paid 5 billion USD as penalty to settle a probe into social networks’ privacy and data protection lapses. Federal Trade Commission (FTC) have approved the settlement in a 2-3 vote with two democratic members of consumer protection agency dissenting. We are seeing this is highest penalty ever paid by any organization. Let’s take have a look at story in detail. Facebook Fined $5 billion for privacy lapses: Largest Penalty Ever One thing is clear that FTC has approved the settlement with 2-3 votes and takes a strong decision that Facebook needs to pay $5 billion as penalty for privacy violation. On other hand, there is still need of the approval from Justice Department before finished this matter. However, there is no further detail released which will talk about the restrictions on how Facebook is able to use personal information. Let’s Read more

New Way To Extract Data: CTRL-ALT-LED Method Developed By Israeli Researchers

According to report, the Israeli security researchers at Ben-Gurion University has developed a techniques to steal data from any physically isolated devices by using LED indicators including Caps Lock, Num Lock and Scroll Lock keys on the Keyboard. This new techniques developed by Israeli specialists is known as CTRL-ALT-LED. Let’s take have a look at this new way to extract data in detail. CTRL-ALT-LED Data Stealing Method: New Way to Extract Data from Isolated System Researchers claim that there is need of pre-installation of malware on the targeted machine before using this new data stealing tool. CTRL-ALT-LED is just a way to gather data. Malware program by using custom data transfer protocol is capable to make LED indicators on USB connected Keyboard blinks at very high speed. However, attacker can record these flashes and then unlock the information using the same techniques that was used to lock the data. Moreover, Read more

PortSmash Vulnerability Found in Intel Skylake and Kaby Lake Processor

According to report, Cyber security researcher’s team from Technical University of Havana in Cuba and Tampere University of Technology in Finland has found PortSmash Vulnerability in Intel Processor. According to them, potentially attacker or Cyber criminals could exploit in order to steal personal or encrypted data from targeted machine due this major flaw. However, attacker can make targeted computer useless due to the use of simultaneous multi-threading features in Intel CPUs. Let’s take have a look at story in detail. Existence of Port-Smash vulnerability is due to use of Simultaneous Multi-threading According to researchers, use of Simultaneous multi-threading Technology (SMT) feature in Intel CPUs is the major reason of the existence of Port-Smash vulnerability. When we talk about this technology, it spits a given physical cores into virtual cores or threads that makes the possibility of each physical codes to process two instructions steams simultaneously. However, it starts its multi-threading Read more

Microsoft Spotted Astaroth Backdoor Trojan: FIleless Malware Attack

According to report, Microsoft researchers have recently spotted Astaroth Backdoor Trojan which is now back and using a living-off-the-land techniques to make it even harder for most the antimalware to identify the attacks. Thanks to Windows Defender ATP (well-known commercial antivirus Windows Defender for free) which was detected this risk during May & June 2019. Security researchers team was used specific algorithm to catch a form of fileless attacks in particular. Let’s take have a look at statement of Microsoft Defender ATP official report. “I was doing a standard review of telemetry when I noticed an anomaly from a detection algorithm designed to catch a specific fileless technique. Telemetry showed a sharp increase in the use of the Windows Management Instrumentation Command-line (WMIC) tool to run a script, indicating a fileless attack.” Fileless Astaroth malware spreads via malicious email messages with links to malicious .lnk file Microsoft researcher’s team found Read more

“Updates for Samsung” App Asks Users to Pay-up for Working Patches

According to report, CSIS Security group have researched that the deceptive app “Updates for Samsung” which is basically to designed to update Firmware for Samsung Smartphone without any cost. Apart from this Android application redirect users’ search on Ad-supported websites that shows ads in huge amount in order to convinces the users to pay up for the working security patches. The fact is that numerous users are not always able searching the correct Firmware & software updates for their Samsung Smartphone’s model, and due to this big reason, developers of Android take advantage of this situations and asks the targeted users to pay money. Let’s take have a look at story in detail. 10,000 Million Android Users/Customers Installed “Updates for Samsung” Report says, around 10,000 million Android users have already installed an updates for Samsung. According to security experts, the apps are not malicious at all which users have installed Read more

Libyan Hacker Delivered Malicious Posts on Facebook Pages, Groups and Profiles

Cyber criminals uses Facebook platform to spread malware to access users’ sensitive data According to security experts, this platform is one of biggest sources for Cyber criminals to spread malware to spy on targeted machine and collect curial data of innocent users. When we talk about Libyan hacker, this hacker group was since active for past five years. They are responsible for spreading malware across the mobile and desktop devices which help them to manage to access the sensitive infraction of victims in order click on unwanted links and downloading files posted on misleading Facebook page and groups. Let’s take have a look at complete story. Libyan hacker (suspect) spreads malware across desktop devices and mobile in order to access sensitive data of innocent users According to report, Libyan hacker is being involved in such illegal activities from last 5 years who have hacked numerous Facebook accounts as well as Read more

AWS S3 Buckets Disclosed Personal Details of Attunity: UpGurad’s Researcher Discovery

According to reports, the security researcher UpGuard has discovered three unprotected  Amazon S3 buckets which has exposed the personal information of Attunity (Israeli-based Database Management Company). Since, the databases contain sensitive information about Fortune 100 companies including Netflix, Ford, TD Bank and other companies. For those who are not aware, it was sported by UpGurad’ security researcher team in 13th May 2019. Let’s take have a look at this Cyber activities in detail. About Attunity: Largest Database Management Company Report says, Attunity is come in the top in the list of largest Database companies which has recently acquired by Qlik (Business Intelligent platform). Attunity is biggest corporation of the world like Pfizer, Dobly, Brown-Forman, Philips and many others. UpGurad Researcher team discovered AWS 3 buckets exposure: leaked information can be beneficial for Cyber Criminals When we talk about the sensitive information store in Attunity’s database, the data are backup of Read more

Attackers target macOS’ Gatekeeper Vulnerability to infiltrate OSX/Linker Malware

Intego Security researcher, Joshua Long, has analyzed an OSX/Linker virus. It is being developed to target the recently discovered macOS Gatekeeper Security flaw. This vulnerability, disclosed by Filippo Cavallarin, allows a malicious binary downloaded from the Internet to bypass Gatekeeper’s Scanning process. The researcher wrote upon his discovery in May, “On MacOS X version <= 10.14.5 (at time of writing) it is possible to easily bypass Gatekeeper in order to execute untrusted code without any warning or user’s explicit permission,” For your information, it is in Gatekeeper’s design to accept both the external drives and network shares as safe location which allows apps to run smoothly. However, putting these two features, it is possible to deceive the GateKeeper. How the vulnerability based attack work? It is believed that the attackers crafted a zip file and send it to a targeted system. Users download it because of lack of knowledge. The Read more