Cyber Attack News, Articles and Updates

Beware Catphishing attacks targeting the hearts of security pros

Malwarebytes researchers are warning IT workers seeking love online to beware "CatPhishing" scams which can leave entire companies devastated.

Star Wars Sith Droid botnets hijack send-to-a-friend modules to send spam

Forces of the dark side are hijacking send-to-a-friend (a.k.a. share-with-a-friend) social sharing modules to send random Star Wars quotes and malicious links.

Man charged for using vDOS hacker for hire against Minnesota firm

Federal prosecutors are charging John Kelsey Gammell with using hackers for hire to launch DDoS attacks against former employers.

Americans worry about cybercrime more than they worry about car theft

Americans are worrying far more about becoming victims of cybercrime than they are about becoming victims of conventional crimes.

iXintpwn/YJSNPI distributed in app stores once used to spread ZNIU

App stores that once distributed the rootkit malware used by ZNIU are now distributing a new iXintpwn/YJSNPI variant.

RIG EK used to spread Matrix ransomware via malvertising

Matrix ransomware is now being distributed via the RIG exploit kit on various sites displaying malvertising.

Password reuse results in Coinhive DNS Server used to mine Monero

Password reuse resulted in an unknown hacker taking over Coinhive's DNS server and replacing it with a JavaScript in-browser Monero cryptominer.

DUHK, DUHK, DUHK stolen encryption key attack

After the KRACK epidemic and the ROCA scare, the latest DUHK cryptography attack may be more of a threat than it's quacked up to be for old Fortinet FortiGate devices.

Elmedia unknowingly distributed OSX/Proton malware

A trojanized version of Elmedia Player software was seen being distributed via Elmedia's own official site in the late hours of Oct 20, 2017.

Are drive-by cryptominers more profitable than drive-by malware?

As cryptocurrencies grow in value, researchers have taken note that cybercriminals are adapting old drive-by download style attack methods.

TrickBot tests waters in Latin America in expansion of global reach

The cybergang behind the TrickBot banking trojan appears to have set its sights on Latin America as it continues to expand its list of global targets.

Oilpro.com founder sentenced to prison after pleading guilty for hacking competitor

The founder of a professional networking site was sentenced to a year and one day in prison after hacking into a competitor's database.

WannaCry spotted for just $50 on underground Arabic forum

WannaCry ransomware was spotted in an advertisement on the Middle Eastern and North African underground forums for $50 just two days after the malware's outbreak.

ATMii ATM malware, simple yet effective

A new family of ATM malware, dubbed ATMii, uses legitimate proprietary libraries and a small piece of code to cause the machines to spit out money.

Pornhub users hijacked by malvertising campaign malware infections

Kovter Group malvertising campaign put millions at risk of ad fraud malware infections. Fake browser updates hoodwink users into installing malware.

City of Englewood, Colo. hit with ransomware

The city of Englewood, Colo. was hit with a ransomware attack which brought down the city's internal network.

CBS's Showtime sites silently used Monero Miners on users' browsers

CBS's Showtime is the latest site to silently mine cryptocurrencies off of the systems of unsuspecting users in the latest trend of cryptocurrency miner infections.

Rate of data compromise revealed: 121 records per sec; defenders lagging

More data records have been breached in the first six months of 2017 than the whole of 2016. The Gemalto Breach Level Index reports that this amounts to an astonishing 121 records lost or stolen every second of every day.

Aggressive campaign spreads Locky variant with single identifier

An aggressive ransomware campaign is infecting victims with a Locky variant that only uses a single identifier for all of its victims.

N. Korea targets Bitcoin and other cryptocurrency firms amid sanctions

North Korean hackers are targeting banks and other cryptocurrency outlets as international sanctions appear to take their toll on the Hermit Kingdom.

Ransomware and IoT attacks spell trouble for transportation industry

The ransomware and IoT threat landscapes are merging into a greater threat for the transportation sector.

Rural New York sheriff's department hacked

The Schuyler County (New York) Sheriff's Department's 911 emergency contact system was temporarily knocked offline by what local officials said was an attack by a foreign country.

Instagram API hacked to access verified accounts of Selena Gomez, others

Instagram confirmed it was hit by a cyberattack targeting several high-profile celebrities.

Connected devices can get pwned by attackers every 2 minutes

An IoT device was pwned by credential attackers once every 120 seconds in SANS research using a real connected device rather than a honeypot.