Microsoft on Thursday disclosed that it found a new version of the BlackCat ransomware (aka ALPHV and Noberus) that embeds tools like Impacket and RemCom to facilitate lateral movement and remote code execution. “The Impacket tool has credential dumping and remote service execution modules that could be used for broad deployment of the BlackCat ransomware...
Cybersecurity and intelligence laboratories in Canada, New Zealand, the United Kingdom and the United States of Australia on Thursday disclosed details of a type of mobile malware that targets Android devices used by the Ukrainian military. The malicious software, dubbed Infamous Chisel and attributed to a Russian state-sponsored actor called Sandworm, has capabilities to “enable...
Malware is usually distributed through malicious websites, emails, and software. Malware can also be hidden in other files, such as image or document files, or even in seemingly innocuous files, such as .exe files. Users can unintentionally install malware when they click on a link in a phishing email, or when they download and install...
Another group of researchers has demonstrated that hard disk drives (HDDs) can be interfered with through sound waves, but they’ve also shown that ultrasonic signals (i.e., sounds inaudible to the human ear) can be used to damage their integrity and availability. Hard Drive Attacks HDDs are non-volatile data storage devices that store and retrieve digital...
Ransomware is malware that employs encryption to hold a victim’s information at ransom. A user or organization’s critical data is encrypted so that they cannot access files, databases, or applications. A ransom is then demanded to provide access. Ransomware is often designed to spread across a network and target database and file servers, and can...
A cybersecurity researcher with Google Project Zero has released the details, and a proof-of-concept (PoC) exploit for a high severity vulnerability that exists in Linux kernel since kernel version 3.16 through 4.18.8. Discovered by white hat hacker Jann Horn, the kernel vulnerability (CVE-2018-17182) is a cache invalidation bug in the Linux memory management subsystem that...
Researchers from Proofpoint discovered a massive global botnet dubbed “Smominru,” a.k.a Ismo, that is using EternalBlue SMB exploit (CVE-2017-0144) to infect Windows computers to secretly mine Monero cryptocurrency, worth millions of dollars, for its master. Active since at least May 2017, Smominru botnet has already infected more than 526,000 Windows computers, most of which are...