The City of Johannesburg, South Africa, which suffered a ransomware attack last week, will not pay the ransom of 4 bitcoin (over $37,000) demanded by the attackers. The threat group, calling itself the Shadow Kill Hackers, says it has obtained passwords, financial records, personal population information and other sensitive information
Security researchers have uncovered two major Magecart campaigns since last week. Magecart is an umbrella term for various criminal groups that attack websites with the aim of injecting them with “skimming” malware designed to steal the payment card information of visitors. Last week it was reported that the website of Procter
The City of Johannesburg, South Africa, suffered a ransomware attack last Thursday that prompted the city to take its call center, website and e-services platform offline. The threat actor, calling themselves the Shadow Kill Hackers, not only encrypted data on infected systems, but also stole unencrypted records. They are threatening
Threat actors have begun exploiting a recently fixed remote code execution (RCE) vulnerability in PHP 7 in order to compromise vulnerable servers, researchers with Bad Packets are warning. The flaw, tracked as CVE-2019-11043, is very easy to exploit using proof-of-concept exploit code that was recently published on GitHub. In order
A recent report by Cofense shows that in the third quarter of this year, the most common technique for distributing malware via phishing campaigns is the exploitation of CVE-2017-11882, a critical flaw in Microsoft Office that was patched in 2017, but has been around for almost two decades. Attackers embed
The number of blacklisted mobile apps that are available on third-party app stores has increased by 20% in the second quarter of this year, a new RiskIQ report shows. These malicious apps make up 2% of all apps. Surprisingly, blacklisted apps in the Google Play Store actually declined by 59%.
Threat actors are impersonating the notorious state-backed Russian hacking group Fancy Bear (aka Sofacy, APT28 and Sednit) as part of a distributed denial-of-service (DDoS) extortion campaign targeting organizations in the financial sector. According to Daniel Smith of Radware, the threat actors launch “large scale, multi-vector demo DDoS attacks” against a
Researchers with Wandera Threat Labs have uncovered 17 malicious iOS apps on the Apple App Store that carried out ad fraud on infected iPhones, iPads, and iPods. After installation, a clicker Trojan in the apps would start running in the background, simulating ad clicks and opening web pages. The researchers
Threat actors are targeting the United Nations (UN) and several NGOs in a mobile phishing campaign that aims to capture login credentials for Okta, Office 365 and Outlook accounts, research by Lookout shows. The phishing websites check whether users are using a mobile device in order to deliver relevant content.
Researchers with Cybereason have been tracking the rising popularity of the Raccoon information stealer, which is distributed on the dark web according to a malware-as-a-service (MaaS) model. Raccoon was first detected in April of this year. Since then, it has made its way onto more than 100,000 devices around the