Researchers uncovered a new malware campaign spreading a clipboard hijacker dubbed ClipboardWalletHijacker that has already infected over 300,000 computers. Security researchers from Qihoo 360 Total Security have spotted a new malware campaign spreading a clipboard hijacker, tracked as ClipboardWalletHijacker, that has already infected over 300,000 computers. Most of the victims are located in Asia, mainly China. “Recently, […]
The Europol announced that several French nationals were arrested in the past year on suspicion of being involved with notorious Rex Mundi crime gang. Another success of the Europol made the headlines, the European police announced that several French nationals were arrested in the past year on suspicion of being involved with notorious hacker group […]
The GitHub account of the Syscoin cryptocurrency was compromised by hackers that replaced the official Syscoin Windows client with a tainted version. The Syscoin clients allow users to mine Syscoin cryptocurrency or manage Syscoin funds. The other versions in the v3.0.4.1 release were not replaced, this means that Mac and Linux clients were not replaced by the hackers. The […]
Trend Micro spotted a new attack relying on weaponized Word documents and PowerShell scripts that appears related to the MuddyWater APT. Security experts at Trend Micro have spotted a new attack relying on weaponized Word documents and PowerShell scripts that appears related to the MuddyWater cyber-espionage campaign. The first MuddyWater campaign was observed in late 2017, then researchers from […]
A new vulnerability involving side channel speculative execution on Intel chips, known as LazyFP, has been announced and assigned CVE-2018-3665. A new vulnerability tracked as LazyFP (CVE-2018-3665) involving side channel speculative execution affects Intel CPUs, like previous ones it could be exploited by hackers to access sensitive information from the affected system. The vulnerability was discovered […]
GnuPG 2.2.8 released earlier this month addresses the CVE-2018-12020 vulnerability, dubbed SigSpoof, affecting GnuPG, Enigmail, GPGTools, and python-gnupg. GnuPG, also known as GPG, is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows users to encrypt and sign data and communications. GnuPG version 2.2.8 released earlier this month addresses the CVE-2018-12020 vulnerability, dubbed SigSpoof, affecting GnuPG, […]
Cyber criminal organizations and state-sponsored hackers continue to use Exploit kits to compromise targets world worldwide if the use of Exploit kits is decreased across the recent months, some of them were improved by adding the code to exploit recently discovered Flash and Internet Explorer zero-day vulnerabilities. “Since both Flash and the VBScript engine are […]
A China-linked APT group, LuckyMouse, Emissary Panda, APT27 and Threat Group 3390, has targeted a national data center in Central Asia. The APT group has been active since at least 2010, the crew targeted U.S. defense contractors and financial services firms worldwide. In March 2018, security experts at Kaspersky Lab have observed an attack powered by the […]
June 12, 2018 – Cyber Defense eMagazine is arrived – OVER SIX THOUSAND PAGES – SIX YEARS – #1 GLOBAL SOURCE FOR CYBER DEFENSE Cyber Defense eMagazine June 2018 Edition has arrived. We hope you enjoy this month’s edition…packed with over 150 pages of excellent content. InfoSec Knowledge is Power. We have 6 years of eMagazines online […]
A security researcher from Vertek Corporation reported to Bleeping Computer that over 43 million email addresses have been leaked from the command and control server of a spam botnet. An expert from Vertek Corporation spotted the C&C server while investigating a recent malware campaign distributing a version of the Trik trojan. The malicious code was used as a first-stage malware […]