29 Oct 2019

City of Johannesburg Refuses to Pay Ransom to Hackers

The City of Johannesburg, South Africa, which suffered a ransomware attack last week, will not pay the ransom of 4 bitcoin (over $37,000) demanded by the attackers. The threat group, calling itself the Shadow Kill Hackers, says it has obtained passwords, financial records, personal population information and other sensitive information

Read More
29 Oct 2019

Fashion Site Sixth June Leaking Card Data to Magecart Hackers

Security researchers have uncovered two major Magecart campaigns since last week. Magecart is an umbrella term for various criminal groups that attack websites with the aim of injecting them with “skimming” malware designed to steal the payment card information of visitors. Last week it was reported that the website of Procter

Read More
28 Oct 2019

Ransomware hackers demand payment for not releasing Johannesburg data

The City of Johannesburg, South Africa suffered a ransomware attack last Thursday that prompted the city to take its call center, website and e-services platform offline. The threat actor, calling themselves the Shadow Kill Hackers, not only encrypted data on infected systems, but also stole unencrypted records. They are threatening

Read More
28 Oct 2019

Nasty PHP7 remote code execution bug exploited in the wild

Threat actors have begun exploiting a recently fixed remote code execution (RCE) vulnerability in PHP 7 in order to compromise vulnerable servers, researchers with Bad Packets are warning. The flaw, tracked as CVE-2019-11043, is very easy to exploit using proof-of-concept exploit code that was recently published on GitHub. In order

Read More
28 Oct 2019

Microsoft Office Bug Remains Top Malware Delivery Vector

A recent report by Cofense shows that in the third quarter of this year, the most common technique for distributing malware via phishing campaigns is the exploitation of CVE-2017-11882, a critical flaw in Microsoft Office that was patched in 2017, but has been around for almost two decades. Attackers embed

Read More
25 Oct 2019

Blacklisted apps increase 20%, attackers focus on tax-branded key terms

The number of blacklisted mobile apps that are available on third-party app stores has increased by 20% in the second quarter of this year, a new RiskIQ report shows. These malicious apps make up 2% of all apps. Surprisingly, blacklisted app in the Google Play Store actually declined by 59%.

Read More
25 Oct 2019

A DDoS gang is extorting businesses posing as Russian government hackers

Threat actors are impersonating the notorious state-backed Russian hacking group Fancy Bear (aka Sofacy, APT28 and Sednit) as part of a distributed denial-of-service (DDoS) extortion campaign targeting organizations in the financial sector. According to Daniel Smith of Radware, the threat actors launch “large scale, multi-vector demo DDoS attacks” against a

Read More
25 Oct 2019

iOS Clicker Trojan Malware Found in 17 Apps in Apple’s App Store

Researchers with Wandera Threat Labs have uncovered 17 malicious iOS apps on the Apple App Store that carried out ad fraud on infected iPhones, iPads, and iPods. After installation, a clicker Trojan in the apps would start running in the background, simulating ad clicks  and opening web pages. The researchers

Read More
25 Oct 2019

Ongoing Phishing Campaign is Targeting UN and NGOs

Threat actors are targeting the United Nations (UN) and several NGOs in a mobile phishing campaign that aims to capture login credentials for Okta, Office 365 and Outlook accounts, research by Lookout shows. The phishing websites check whether users are using a mobile device in order to deliver relevant content.

Read More
25 Oct 2019

Raccoon Malware Scavenges 100,000+ Devices to Steal Data

Researchers with Cybereason have been tracking the rising popularity of the Raccoon information stealer, which is distributed on the dark web according to a malware-as-a-service (MaaS) model. Raccoon was first detected in April of this year. Since then, it has made it’s way onto more than 100,000 devices around the

Read More