Ransomware Attack on Spanish Radio Station and IT Company: Demanding 835,923 USD

BitPaymer ransomware variant attacks Spanish IT provider; Spanish radio station hit by unknown attackers. According to reports, a Spanish IT provider and a radio station are both currently suffering from ransomware attacks resulting in file encryption. Everis, an NTT DATA company described as an MSP (Managed Services Provider), and Cadena SER are facing file encryption on their respective machines. For those who are not aware, ransomware developers and hackers have previously targeted a list of high-profile companies and government agencies, and ransomware attacks continue to grow at an alarming rate. Let's start the discussion about Spain's ransomware attack in detail. Everis computers hit by ransomware: Spanish IT provider and radio station targeted by hackers. At the moment, Everis has not confirmed that its systems were attacked by ransomware. But a report, i.e., a leaked image shared by Bleeping Computer, states that the ransom note displayed on Everis's computer seems to

Titanium Backdoor Uses Multi-Stage Process to Target Asia-Pacific’s Users

According to reports, cyber security experts and researchers have discovered a new cyber threat that targets South and Southeast Asia. Experts found that the hacker group behind this malware campaign, known as Platinum, an Advanced Persistent Threat (APT) group, uses the Titanium Trojan for malicious purposes. The hackers claim that Titanium is a powerful backdoor malware that is delivered as the final payload of a multi-stage infection process. However, this new backdoor malware developed by the Platinum hacker group is targeting victims in Malaysia, Indonesia and Vietnam, located in South and Southeast Asia. Let's start the discussion about this malware attack in detail. Platinum hacker group developed Titanium backdoor malware: multi-stage infection. According to security experts, Titanium is a self-executable archive backdoor that spreads as the final payload of a multi-stage infection process that includes the use of steganographically hidden data. This infection process also helps the malware to avoid detection

API Bug Allows Developers to Access Facebook Users' Private Photos

According to reports, Facebook disclosed another API bug on Friday that exposed the data of about 6.8 million users. The leaked data allows app developers to access users' private photos with their permission. Facebook said that the error impacted hundreds of apps in which users have created accounts and sign in using their Facebook login information. Hence, due to a software bug, hundreds of software developers are able to access a broader range of Facebook photos than is usually allowed. Let's take a look at the leaked story in detail. API bug allows developers to access private photos of users. For those who are not aware, if someone gives an app permission to access their photos on Facebook, they usually give the application access to photos people share on their timeline. Facebook shared a blog post and

7.5 Million Adobe Creative Cloud Accounts Exposed Online

Almost 7.5 million Adobe Creative Cloud user records, including account information, email addresses, and which Adobe products they use, were left exposed to anyone with a web browser. Comparitech collaborated with security researcher Bob Diachenko to uncover the unprotected database. The Elasticsearch database could be accessed without a password or any other authentication. Diachenko quickly notified Adobe on October 19 and the company secured the database on the same day. This failure affected desktop and mobile customers using Photoshop, Illustrator, Premiere Pro, InDesign, Lightroom, and many other services. Personal details, including email addresses, account details, country, and other data of Adobe Creative Cloud users, were stored in the affected database. The breach was first revealed back on October 19, so Adobe has already taken the required actions. The Adobe Communications Team mentioned in its release on October 25th: Late last week,

How to remove Chmet.me from PCs

Step by step Chmet.me removal guide. The Chmet.me domain is reported to affect browsers such as Google Chrome, Internet Explorer and Mozilla Firefox. Depending on geolocation, it causes redirects to shady sites or displays questionable content. This questionable website also delivers push notifications. The sudden appearance of this domain is very likely caused by a potentially unwanted application (PUP) or adware on the computer. This PUP needs to be removed in order to remove Chmet.me and get rid of the browser misbehavior and possible malicious processes. You should not rush into virus removal if you encounter the Chmet.me domain. Many times, users land on the domain after being redirected through a website promoted by specific developers. If this is your case, all you need to do is close the window or terminate the browser process from Task Manager. Repeated appearance of Chmet.me on your browser creates major

Adobe Left Data of 7.5 Million Users Exposed To The Public

Almost 7.5 million Adobe Creative Cloud user records were left unsecured on the internet, accessible with a web browser, including account information, email addresses and which Adobe products they use. “We do not know when, exactly, the database first appeared, but Diachenko estimates it was exposed for about a week. We do not know whether anyone else gained unauthorized access to the database in the meantime”, writes Paul Bischoff. The exposed details mainly contained information about customer accounts, but not passwords or financial information. Moreover, the database included the date the account was created, the date of the last login into the device, the subscription and payment status, as well as a note on whether the account belongs to an Adobe worker. Although the exposed database did not include financial and vital confidential details in the user data, for example names, scammers can still utilize it

More Than Half of Companies Still Use Outdated OS

A huge percentage of companies still use systems based on older versions of Windows, such as Windows 7 and Windows 2000, which puts them at serious risk. This data is provided in the CyberX 2020 Global IoT/ICS Risk Report, based on information gathered from more than 1800 networks around the world from October 2018 to October 2019. “Based on data collected in the past 12 months from 1,821 production IoT/ICS networks — across a diverse mix of industries worldwide — the analysis was performed using passive, agentless monitoring with patented deep packet inspection (DPI) and Network Traffic Analysis (NTA)”, CyberX specialists say of their work. This information shows that IoT/ICS environments continue to be soft targets for adversaries, with security gaps in key areas such as: 1. Outdated operating systems 2. Direct internet connections 3. Remotely accessible devices 4. Unencrypted passwords 5. No automatic AV updates 6. Unseen indicators

Autoclerk Leaks U.S. Government And Military Personnel Data

A vpnMentor research team revealed a failure in a database belonging to Autoclerk, a reservations management system held by Best Western Hotels and Resorts Group. The database included information about a number of hotel customers who made reservations around the world using various services. Autoclerk is a reservations management system utilized by resorts to manage web bookings, profits, loyalty programs, guest profiles and payment activity. The victims of this leak were the U.S. government, military and Department of Homeland Security, the research says. On September 13 this year, according to the security experts, they uncovered an unprotected Elasticsearch database during a large-scale scan of open ports in a certain range of IP addresses. “Open Elasticsearch database was discovered through vpnMentor’s web mapping project. It was possible to access the database, given it had no encryption or security barriers whatsoever, and perform searches to examine the records contained within”,

iTunes Zero-Day Vulnerability Patched with Latest Apple Updates

Attacker uses iTunes zero-day to install BitPaymer ransomware on Windows. According to reports, Apple has patched an iTunes zero-day security flaw that allowed cybercriminals to bypass detection by antimalware software and install BitPaymer ransomware on Windows devices. For those who are not aware, cyber security experts and researchers from Morphisec discovered a new cyber attack that uses an iTunes zero-day bug to install BitPaymer ransomware on the target machine. The attackers breached the targeted company without triggering antimalware protection alarms. However, Morphisec shared the details of the attack with Apple within the disclosure period and waited for an official patch. Let's start the discussion about the iTunes zero-day vulnerability in detail. iTunes zero-day vulnerability allows hackers to bypass detection by security software. The report says security researchers have discovered a zero-day bug in the Windows version of the iTunes app that allows hackers to infect the target machine by installing BitPaymer ransomware

Twitter Used 2FA Phone Numbers For Targeting Sponsored Ads

Social networking site Twitter revealed today that it used phone numbers provided by users for two-factor authentication (2FA), along with email addresses, to display targeted ads. “We recently discovered that when you provided an email address or phone number for safety or security purposes (for example, two-factor authentication) this data may have inadvertently been used for advertising purposes, specifically in our Tailored Audiences and Partner Audiences advertising system”. The phone numbers and emails that became visible to several advertisers were the same ones that users entered in the multi-factor protection section in order to boost their accounts' security levels. This time users were not able to avoid the targeted advertisements. Twitter mentioned that it did not perform such nasty acts deliberately. The issue was fixed on September 17 and Twitter accounts have stopped providing advertisers with user contact information. The company stated that no other user-based data was