Digmine Virus Spreads Via Facebook Messenger

A new cryptocurrency mining virus has surfaced; this time it is spreading through Facebook’s Messenger app and targeting Google Chrome desktop users. The Monero miner has been dubbed “Digmine” and is disguised as a non-embedded video file (video_xxxx.zip); however, the file contains an AutoIT executable script. As soon as the victim clicks the file, […]

Top Five Cyber-Security Predictions for 2018

This year has shown us some of the biggest cyber threats in history, with millions of consumers and businesses having been hit by the WannaCry attack, and the Uber and Equifax breaches–to name a few. Analysts predict that information security spending will hit $86.4 billion this year, and say to expect global cybercrime damage to […]

Microsoft Releases Malware Patch for its…Malware Protection Engine

Yesterday, Microsoft released a patch to fix a remote code execution flaw, CVE-2017-11937, in its Malware Protection Engine (MPE). The Microsoft Malware Protection Engine is the core cybersecurity base for Microsoft’s anti-virus/anti-spyware programs in all of the company’s products. The security issue is present in Windows Defender, Microsoft Security Essentials, Forefront Endpoint Protection, Endpoint Protection, […]

Over 5,000 WordPress Sites Infected with Keylogger

Researchers have recently seen that more than 5,000 WordPress websites have been infected with malware that was seen earlier this year. The malware “Cloudeflare.solutions” first surfaced in April with cryptomining abilities; however, a keylogger has been added to its arsenal. The malware exploits the “functions.php” file, which is used by the themes in WordPress. […]

New Vulnerability Uses Antivirus Software to Inject Malware

Multiple antivirus programs have been found to have a vulnerability that allows the “restore from quarantine” feature to be used for malicious purposes. Dubbed AVGator, it essentially works by redirecting malware from an antivirus quarantine folder to a sensitive location on the victim’s system. While performing a penetration test, a researcher infected computers by using […]

MantisTek GK2 Keyboard Sends Data to China

The Mantistek GK2 gaming keyboard is popular in the gaming community; however, it has been seen silently recording keystrokes and sending them to a server that is maintained by the Alibaba Group. The Alibaba Group is a Chinese e-commerce company that provides consumer to consumer, business to […]

$150,000 Stolen from Cryptocurrency Wallets

Cryptocurrency wallets are currently being targeted by the CryptoShuffler Trojan. It is unclear who is behind the attack, however, $150,000 of Dash, Monero, Ethereum, Bitcoin and Zcash has been stolen. CryptoShuffler has been around since 2016 while the latest campaign surfaced this past June. The Trojan goes after infected devices and will not display a […]

Fake Cryptocurrency Apps Steal User Data

Poloniex is the largest exchange service in the world, with over a hundred types of cryptocurrencies available for trading/buying; however, they have been gaining a bad reputation rather quickly. In August 2017, a security researcher was able to bypass Poloniex’s 2FA (two-factor authentication) by finding a Reddit thread dubbed “Poloniex2FASucks.” The researcher sold the vulnerability […]

New “Reaper” Malware has Infected Two Million IoT Devices

A newly-discovered malware is rapidly spreading and is thought to have already infected over two million IoT devices. It was dubbed “Reaper_IoT” by the Chinese security firm Qihoo 360, and is believed to be based on the infamous Mirai malware, but with some differences. A main difference is Reaper does not attempt to crack passwords, […]

DoubleLocker Android Ransomware

A new ransomware dubbed DoubleLocker has surfaced in the wild, targeting Android devices. The ransomware performs a two-way action to lock the device: it encrypts all files and changes the PIN. DoubleLocker is distributed as a fake Adobe Flash update, and compromised websites are spreading it. Once downloaded, the fake update will request […]

KRACK Attack WPA Vulnerabilities

Researchers have discovered and documented critical weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. The attack, dubbed KRACK (Key Reinstallation Attacks), allows attackers within range of the target Wi-Fi network to view seemingly “protected” information, and possibly “inject and manipulate” information as well. If you are using WPA2, you are affected, […]

4 Crucial Steps to Getting the Best Value out of Your SIEM

It is fairly common knowledge among security professionals that security information and event management (SIEM) technologies are complex systems. No matter the vendor or the system, SIEMs require hard work and dedication to ensure they are running at their maximum capabilities and providing the most benefit to the organization. When a SIEM is properly deployed within an […]