Robert Abel SC Media

Robert Abel

Content Coordinator/Reporter

Most recent articles by Robert Abel

Chucky is a rogue IoT device in latest Child’s Play trailer

By

The most recent iteration of the Child’s Play franchise features the murderous doll Chucky as a rogue IoT device gone mad. The new film’s trailer features Chucky connected to the “Buddi” platform which allows users to control all of their connected home devices including various electronics, toys, and anything else that can be forged into…

Cisco patches 29 vulnerabilities including one being actively exploited in Sea Turtle campaign

By

Cisco latest round of security updates addresses 29 vulnerabilities in multiple Cisco products that could allow a remote attacker to take control of an affected system and one of which is being actively exploited in Sea Turtle campaign. Admins in charge of Cisco ASR 9000 Series Aggregation Services Routers have been instructed to urgently address…

NamPoHyu Virus ransomware targets Samba servers in a unique way

By

Researchers have spotted a new family of ransomware dubbed NamPoHyu virus or MegaLocker virus targeting remote Samba servers. While ransomware infections are typically installed on the computer that will be encrypted other malware, malicious email attachments, or by the attackers hacking a computer or network. This new variant searches for accessible Samba servers, brute forcing…

EA Origin client bug allows threat actors to run remote code

By

A vulnerability in the Electronic Arts (EA)  online gaming platform Origin could allow an attacker to trick unsuspecting gamers into remotely running malicious code on their computer. Security researchers Daley Bee and Dominik Penner of Underdog Security discovered the bug affecting tens of millions of Windows users with the Origin app installed, according to TechCrunch.…

Instagram main

You’re on ‘The Nasty List’ scam looks to steal Instagram credentials

By

A phishing scam is circulating Instagram claiming that users have made “The Nasty List” with the goal of stealing account credentials. The scam is spread via messages sent through hacked accounts claiming the recipients were spotted on the so called NastyList stating something like “OMG your actually on here, @TheNastyList_34, your number is 15! its…

Adblock Plus Exploit allows threat actors to read Gmail and other Google services

By

Independent security researcher Armin Sebastian discovered a vulnerability in Adblock Plus which can allow hackers to read a victim’s Gmail and look into other Google services. Adblock Plus is the world’s most popular free advertisement blocker with millions of users and extensions that run in all the major web browsers including Chrome, Edge, Firefox, Opera…

Apache Tomcat vulnerability results in remote code exectuion

By

Security researchers identified a remote code execution on windows vulnerability in Apache Tomcat. The vulnerability is rated “Important” and was identified by an external security researcher and reported to the Apache Tomcat security team via the bug bounty program, according to an April 10 blog post. The vulnerability leaves the CGI Servlet at risk due…

Threat actors gaining admin rights before ransomware infections

By

Threat actors are using accounts with admin privileges to install BitPaymer ransomware via PsExec suggesting threat actors are taking a more targeted approach to their distribution of malware. Similar to the Arizona Beverage ransomware attack earlier this month, a manufacturing company also appears to have been targeted in an attack in which the company’s name…

Oculus exec says U.S. Senator’s privacy policy questions on VR will be answered “in due time”

Facebook supply chain leak leads to Oculus headsets shipping with hidden messages

By

Facebook admitted a supply chain data leak in its new Oculus headsets resulted in the devices shipping out with secret messages reading “Big Brother Is Watching You,” “The Masons Were Here,” “This Space for Rent,” and “Hi iFixit! We See You!.” The messages were physically printed inside tens of thousands of new Oculus motion controllers…

pokemon

CryptoPokemon ransomware decryptor developed

By

A new ransomware dubbed CryptoPokemon encrypts user files and demands approximately $104 worth of Bitcoin to decrypt the files. CryptoPokemon encrypts files using SHA256 + AES128 and comes with a note containing an email address and website to contact the threat actors  who describe themselves as “valiant support [who] will help you solve this problem.”…

Next post in Ransomware