Is Two-factor authentication the solution for any kind of hacks? A text message could be used to take over your Google Account. Following the recent data breaches suffered by IT giants (e.g. MySpace, LinkedIn, Twitter) security experts are inviting users to avoid sharing login credentials on multiple websites and to enable two-factor authentication (2FA) when it […]
Experts from Cisco Talos team have improved their decryptor tool to allow the recovery of files encrypted by all the Teslacrypt Ransomware variants In May, criminals behind the TeslaCrypt ransomware leaked online the master encryption key that allowed security experts to develop a decryption tool for the last variant of the threat. âIn surprising end to TeslaCrypt, […]
CERT-Bund released a warning that corporate executives may be being targeted with malicious emails using data from the LinkedIn data breach. The cascading effects of the 2012 LinkedIn breach are still being felt throughout the business world. On Monday, CERT-Bund, Germanyâs Computer Emergency Response Team for federal agencies, released a warning that corporate executives may […]
The Necurs Botnet, one of the world’s largest malicious architecture, used to spread the dreaded threats appears to have vanished since June 1. In the last months, we have read a lot of news regarding the activities on one of the largest botnet in the wild that was used by crooks to deliver the Dridex […]
Security experts from the SANS observed that new CryptXXX ransomware campaigns are leveraging on the Neutrino Exploit Kit instead the Angler Exploit Kit. Crooks behind the CryptXXX ransomware have launched a new campaign leveraging on the Neutrino Exploit Kit instead the Angler Exploit Kit. It was a significant change in the attack chain that was discovered by the experts […]
New research conducted by Citrix indicates that some businesses are stockpiling Bitcoins so they can pay cybercriminals fast in case of ransomware attacks. New research conducted by Citrix, a corporate networking company, indicates that some businesses are stockpiling Bitcoins so they can pay cybercriminals fast, if their data is held ransom by malicious software. Ransomware […]
Security experts from FireEye have observed attacks leveraging on Angler EK to deliver exploits capable of evading the Microsoft EMET security Tool. Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) is a free security tool designed by Microsoft to implement a supplemental security layer of defense against the exploitation of vulnerabilities affecting applications running on Windows Systems. […]
The anti-phishing company PhishMe that observed that as of the end of March 93 percent of all phishing emails contained a ransomware. Ransomware is becoming a privileged instrument of cyber criminals to rapidly earn money, the diffusion of this type of threat is changing the threat landscape scenario, for example, as of the end of March, […]
The notorious crime forum Sh0ping[.]su has been hacked by unknowns that leaked online credit card data and stolen accounts. Data breaches are a common problem also for bad actors, in many cases cyber criminals hack websites of competitors to damage their reputation and push out them from the business. Recently we discussed the hacks of […]
More than 19 months after its public disclosure the CVE-2014-3704 is still exploited in attacks against Drupal-based websites. It was October 2014, when Drupal patched a critical SQL injection vulnerability (CVE-2014-3704)Â that was affecting all Drupal core 7.x versions up to the recently-released 7.32 version, which fixed the issue. The patch issued by Drupal fixed the […]