Researchers discovered a ransomware with Botnet capabilities representing threat actors diversifying attack methods to raise the ante. Trend Micro researchers spotted the ransomware dubbed “Viborot” targeting users in the United States that once infected, the machine would become part of a spam email botnet that sought out new ransomware victims, according to a Sept. 21…
A Romanian citizen pleaded guilty to federal charges stemming from her role in a ransomware attack which involved hacking Washington, D.C., police cameras days before the 2017 Presidential Inauguration. Eveline Cismaru, 28, pleaded guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer fraud in charges stemming…
Flashpoint researchers discovered a Russian speaking underground market place named “Magbo” selling access to approximately 3,000 breached sites for as little as 50 cents. The site allowed cybercriminals to purchase the exact breach they need depending on the website value with prices as low as 50 cents per access to $1,000 per access, depending on…
Another Japanese cryptocurrency exchange was hit as thieves made off with roughly $60 million worth of Bitcoin, Monacoin and Bitcoin Cash. The attack targeted Tech Bureau’s Zaif exchange and took place over a two-hour period on Sept. 14 however, the firm detected server problems on Sept. 17 and didn’t confirm the attack until the following…
The Citizen Lab researchers identified 45 different countries in which operators of NSO Group’s Pegasus spyware may be conducting operations some of which targeting human rights advocates. The malware uses social engineering to encourage targets to click a specially crafted exploit link that will leverage a host of zero day exploits to penetrate a device’s…
Adobe has released a set of security updates for Adobe Acrobat and Reader for Windows and MacOS to address several critical and important vulnerabilities that could lead to arbitrary code execution in the context of the current user. Acrobat DC (Continuous), Acrobat Reader DC (Continuous), Acrobat 2017 (Classic 2017), Acrobat Reader 2017 (Classic 2017), Acrobat DC (Classic 2015) and…
Malicious phishing apps have once again made their way into the Google Play Store, this time imitating six online banks and a cryptocurrency exchange. ESET researchers spotted fake finance apps impersonating banks from New Zealand, Australia, the U.K., Switzerland and Poland, and the Austrian cryptocurrency exchange Bitpanda, according to a Sept. 19 blog post. JPMorgan…
Facebook Monday announced it is expanding its bug bounty program to include vulnerabilities related to access token exposure. Tokens allow people to log into another app using Facebook and are uniquely generated for the specific person and app and the social media giant will now be offering at least $500 for vulnerabilities found in third-party…
The State Department was hit with an email breach that exposed the personal information of some of its employees. The agency sent a notice, dated Sept. 7, which described the incident as “activity of concern … affecting less than one percent of employee inboxes” and adding the breach did not affect the agency’s classified email…
Federal authorities seized millions dollars’ worth of cryptocurrency, luxury property, and exotic cars including a Lamborghini Aventador and an $80,000 Mini Cooper from a deceased Dark Web Kingpin. Canadian national Alexandre Cazes committed suicide by hanging in a Thai prison last summer after he was arrested on suspicion of operating the dark web marketplace AlphaBay,…
