Computer Security News

Malspam Campaign Uses Microsoft Publisher Files to Attack Banks

Trustwave security experts have observed an unusual malspam campaign attacking banks with the FlawedAmmyy RAT. What is interesting about this campaign is the use of Microsoft Office Publisher files to infect victims’ computers. The security researchers observed a tremendous jump in the number of emails containing a Microsoft Office Publisher file (a .pub attachment) and …

Google Can Track Users Even When Their Location History is Disabled

The Associated Press reported that a number of Google services on both Android and iPhone keep users’ location data even if their “Location History” is disabled. Disabling “Location History” in the privacy settings of Google applications should prevent Google from storing users’ location data. However, the situation is completely different. The AP …

Ramnit Operators Contribute in Creating the Black Proxy Botnet

Check Point security experts reported that they found a massive proxy botnet, tracked as the “Black” botnet, created by Ramnit developers. Ramnit was first registered in 2010 and it is currently known as one of the most popular banking malware families. In 2011, the botnet developers improved it starting from the leaked Zeus source code and turning …

Google Play Store Removed Hundreds of Apps Carrying Windows Malware

Security experts reported that the official Google Play store has removed 145 applications that were carrying Windows malware. The malicious applications were uploaded to the Google Play store between October and November last year, meaning that Android users were exposed to the attack for months. According to the researchers, some of the apps have …

Cyber Criminals Compromised an ESLint Maintainer’s Account to Steal Login Tokens

Hackers compromised an ESLint maintainer’s account and uploaded malicious packages attempting to steal login tokens from the npm software registry. The affected packages hosted on npm are: eslint-scope version 3.7.2, a scope analysis library used by older versions of eslint, and the latest versions of babel-eslint and webpack. Eslint-config-eslint version 5.0.2 is a configuration …

Hackers Hijacked the Official Website of VSDC to Distribute Malware

Qihoo 360 Total Security experts reported that cyber criminals used the official website of VSDC (http://www.videosoftdev.com) for distributing malware. According to the researchers, hackers have hijacked download links on the VSDC website in three different periods, pointing to servers they were operating. The cyber criminals took control of the administrative server part of the website …

Obfuscated Coinhive Shortlink Exploited by Hackers to Mine Cryptocurrencies

Security experts reported that instead of injecting the CoinHive JavaScript miner straight into compromised websites, hackers leverage an alternative scheme to mine cryptocurrencies. Additionally, CoinHive provides a “URL shortener” service letting users create a short link for any URL. The difference from similar services is that this one introduces a delay so that …

Gentoo Linux GitHub Page Got Compromised by Hackers

The Gentoo Linux distribution alerted its users that hackers have compromised one of the GitHub accounts, infecting it with malicious code. “Today 28 June at approximately 20:20 UTC unknown individuals have gained control of the Github Gentoo organization, and modified the content of repositories as well as pages there.” Gentoo reported. “We are still working to …

Critical RCE Flaws in Windows Got Patched by Microsoft

Yesterday, Microsoft released its June security update patching a total of 50 vulnerabilities. Among these are a dozen critical RCE flaws that affect Windows, as well as its web browsers. Despite the fact that the vulnerabilities patched this month have not been exploited for malicious purposes, one of them has been publicly disclosed before releasing …
