Posts From Mo Moin

New ransomware spotted NamPoHyu Virus or MegaLocker virus targeting the remote samba servers in a unique way. The common way of delivering ransomware is through email attachments or by compromising the victim’s network and ransomware infection are installed on the

A security researcher identified eight unsecured databases that held “approximately 60 million records of LinkedIn user information.” GDI Foundation, where the security researcher is from, is a nonprofit organization with a mission to “defend the free and open Internet by

Attackers exploit the vulnerability of the Yuzo Related Posts plugin.Email automation service Mailgun has added a long list of companies that were victims of large-scale coordinated attacks on websites run by WordPress on Wednesday, April 10. In the course of

A financially motivated gang is targeting retailers and financial institutions around the world using remote access software. CyberInt’s Research Lab has found that TA505 is using tactics and an off-the-shelf commercial remote administration tool, developed by Russian-based company TektonIT. The

Facebook revealed that it has harvested and uploaded 1.5 million users email contacts who sign up for the social network since 2016. The email address was scrapped when Facebook asks users to enter their passwords who signed up for new

Security experts are warning of a new state-sponsored DNS hijacking campaign affecting at least 40 organizations across 13 countries. Cisco Talos revealed in a blog post yesterday that the “Sea Turtle” campaign began back in January 2017 and has been

“Assume breach” is the popular computer defense strategy based on the idea that your company is either already breached or could easily be breached by a dedicated attacker. There is a lot of validity to this approach. Most companies and

Global spending on cloud security is set to grow nearly 18% to reach $12.7bn by 2023, with protection for public cloud deployments prioritized over the coming years, according to a new report from Forrester. Organizations spent $178bn on public cloud

The developers of the Symfony PHP web application framework released updates that patch five vulnerabilities, three affecting the Drupal CMS. The development team of the Symfony PHP web application framework released security updates for five issues, three of which also

So, you want to break cryptography. Brute force attacks on cryptography could take billions of years, which no one has to spare. Maybe you live in a country where rubber hose cryptography is, shall we say, frowned upon. Hacking a

PC manufacturer Asus recently announced that from June to November 2018, attackers used its Asus Live Update app, which comes preinstalled on ASUS notebook computers, to install backdoors on targeted computers. Kaspersky indicated that about 57,000 systems installed the backdoored

A database belonging to the Indian local search service JustDial was left online without protection exposing personal data of over 100M users. The archive is still leaking personally identifiable information of more than JustDial customers that are accessing the service

IT services outsourcing giant Wipro has been breached and some of its customers have been targeted by attackers as a result. Revealed by cybersecurity journalist Brian Krebs and later confirmed by the company, the attack was what Wipro described as

Researchers discovered a recent malvertising campaign from eGobbler threat actor that targets millions of iOS users to hijack their sessions by leverage chrome vulnerability. Attackers trick the targeted iOS users to redirect into Malicious lading page and this campaign can

Around a fifth of all web traffic last year was linked to malicious bot activity, with financial services hit more than any other sector, according to Distil Networks. The security vendor compiled its 2019 Bad Bot Report from analysis of

A new password and data stealing operation that has been targeting China has started to infect users worldwide, according to Bitdefender Cyber Threat Intelligence Lab. Using a rootkit driver, which is believed to have been a possibly stolen certificate, the