Archive for the ‘malware’ Category

Insecure UC Browser ‘Feature’ Lets Hackers Hijack Android Phones Remotely

March 26th, 2019
Beware! If you are using UC Browser on your smartphone, you should consider uninstalling it immediately. Why? Because the China-made UC Browser contains a "questionable" ability that could be exploited by remote attackers to automatically download and execute code on your Android device. Developed by Alibaba-owned UCWeb, UC Browser is one of the most popular mobile browsers, specifically


Warning: ASUS Software Update Server Hacked to Distribute Malware

March 25th, 2019
Remember the CCleaner hack? It was one of the largest supply chain attacks on record, infecting more than 2.3 million users with a backdoored version of the software in September 2017. Security researchers today revealed another massive supply chain attack that compromised over 1 million computers manufactured by Taiwan-based tech giant ASUS. A group of state-sponsored


Microsoft ships antivirus for macOS as Windows Defender becomes Microsoft Defender

March 21st, 2019

Microsoft is bringing its Windows Defender anti-malware application to macOS—and more platforms in the future—as it expands the reach of its Defender Advanced Threat Protection (ATP) platform. To reflect the new cross-platform nature, the suite is also being renamed to Microsoft Defender ATP, with the individual clients being labelled "for Mac" or "for Windows."

Microsoft Defender ATP for Mac will initially focus on traditional signature-based malware scanning.


macOS malware is still something of a rarity, but it's not completely unheard of. Ransomware for the platform was found in 2016, and in-the-wild outbreaks of other malicious software continue to be found. Apple has integrated some malware protection into macOS, but we've heard from developers on the platform that Mac users aren't always very good at keeping their systems on the latest point release. This situation is particularly acute in corporate environments; while Windows has a range of tools to ensure that systems are kept up-to-date and alert administrators if they fall behind, a similar ecosystem hasn't been developed for macOS.

One would hope that Defender for Mac will also trap Windows malware to prevent Mac users from spreading malware to their Windows colleagues.



Mirai Variant Adds Dozen New Exploits to Target Enterprise IoT Devices

March 19th, 2019
Security researchers have uncovered a new variant of the infamous Mirai Internet of Things botnet, this time targeting embedded devices intended for use in business environments, in an attempt to gain control over more bandwidth with which to carry out devastating DDoS attacks. Although the original creators of the Mirai botnet have already been arrested and jailed, variants of the infamous IoT malware


Patched WinRAR Bug Still Under Active Attack—Thanks to No Auto-Updates

March 15th, 2019
Various cyber criminal groups and individual hackers are still exploiting a recently patched critical code execution vulnerability in WinRAR, a popular Windows file compression application with 500 million users worldwide. Why? Because WinRAR has no auto-update feature, which, unfortunately, leaves millions of its users vulnerable to attack. The critical


Nasty WinRAR bug is being actively exploited to install hard-to-detect malware

March 15th, 2019
Photo: close-up of police-style caution tape stretched across an out-of-focus background. (credit: Michael Theis / Flickr)

Malicious hackers wasted no time exploiting a nasty code-execution vulnerability recently disclosed in WinRAR, a Windows file-compression program with 500 million users worldwide. The in-the-wild attacks install malware that, at the time this post went live, was undetected by the vast majority of antivirus products.

The flaw, disclosed last month by Check Point Research, garnered instant mass attention because it made it possible for attackers to surreptitiously install persistent malicious applications when a target opened a compressed ZIP file using any version of WinRAR released over the past 19 years. The absolute path traversal made it possible for archive files to extract to the Windows startup folder (or any other folder of the archive creator’s choosing) without generating a warning. From there, malicious payloads would automatically be run the next time the computer rebooted.

On Thursday, a researcher at McAfee reported that the security firm identified “100 unique exploits and counting” in the first week since the vulnerability was disclosed. So far, most of the initial targets were located in the US.



Researchers Link ‘Sharpshooter’ Cyber Attacks to North Korean Hackers

March 4th, 2019
Security researchers have finally, with "high confidence," linked a previously discovered global cyber espionage campaign targeting critical infrastructure around the world to a North Korean APT hacking group. The attribution rests on new evidence collected by researchers after analyzing a command-and-control (C2) server involved in the espionage campaign and seized by law enforcement. Dubbed Operation


Google Discloses Unpatched ‘High-Severity’ Flaw in Apple macOS Kernel

March 4th, 2019
A cybersecurity researcher at Google's Project Zero division has publicly disclosed details and a proof-of-concept exploit for a high-severity security vulnerability in the macOS operating system after Apple failed to release a patch within 90 days of being notified. Discovered by Project Zero researcher Jann Horn and demonstrated by Ian Beer, the vulnerability resides in the way the macOS XNU kernel


Hard-to-detect credential-theft malware has infected 1,200 and is still going

February 20th, 2019
(Image credit: Kit / Flickr)

A deceptively simple malware attack has stolen a wide array of credentials from thousands of computers over the past few weeks and continues to steal more, a researcher warned on Tuesday.

The ongoing attack is the latest wave of Separ, a credential stealer that has been known to exist since at least late 2017, a researcher with security firm Deep Instinct said. Over the past few weeks, the researcher said, Separ has returned with a new version that has proven surprisingly adept at evading malware-detection software and services. The source of its success: a combination of short scripts and legitimate executable files that are used so often for benign purposes that they blend right in. Use of spartan malware that's built on legitimate apps and utilities has come to be called "living off the land," and it has been used in a variety of highly effective campaigns over the past few years.

The latest Separ arrives in what appears to be a PDF document. Once clicked, the file runs a chain of other apps and file types that are commonly used by system administrators. An inspection of the servers being used in the campaign shows that it has, so far, collected credentials belonging to about 1,200 organizations or individuals. The number of infections continues to rise, which indicates that the spartan approach has been effective in helping it fly under the radar.



MalwareTech loses bid to suppress damning statements made after days of partying

February 14th, 2019
Photo: then 23-year-old security researcher Marcus Hutchins in his bedroom in Ilfracombe, UK, in July 2017, just weeks before his arrest on malware charges. (credit: Chris Ratcliffe/Bloomberg via Getty Images)

Marcus Hutchins, the widely acclaimed security researcher charged with creating malware that sold for thousands of dollars on the Internet, has lost his bid to suppress self-incriminating statements he made following days of heavy partying at the 2017 Defcon hacker convention in Las Vegas.

Hutchins—who, under the moniker MalwareTech, unwittingly helped neutralize the virulent WannaCry ransomware worm—was charged with developing the Kronos banking trojan and an advanced spyware program known as the UPAS Kit. The then-23-year-old UK citizen was arrested in August 2017 at McCarran International Airport as he was about to fly home. He had spent the previous week attending the Black Hat and Defcon conferences. Hutchins has pleaded not guilty to the charges.

According to court documents, federal agents questioned Hutchins in an airport interview room shortly after he was arrested. When asked about his involvement in developing malware, the court records show, Hutchins grew visibly confused about the purpose of the interrogation. Eventually, prosecutors said, Hutchins acknowledged that, when he was younger, he wrote code that ended up in malware, but he denied that he had developed the malware itself. After reviewing some source code produced by the agents, Hutchins asked if the investigators were looking for the developer of Kronos. Hutchins then told the interrogators he didn't develop Kronos and had "gotten out" of writing code for malware before he turned 18.

