GandCrab: The most popular Multi-Million Dollar Ransomware of the Year

Ransomware has been around for years and has inflicted financial losses estimated in the billions of dollars. As one of the most lucrative types of malware, from a financial perspective, ransomware developers have invested considerable time, effort, and knowledge into perfecting both its delivery mechanisms and its capabilities. Traditional ransomware ...

Bitdefender Finds Hackers Targeting High-Profile US Election Candidates Using Fake Domains with Fake Scandals

Here at Bitdefender Labs we are closely watching the US Midterm Elections in search of anomalies in malware, spam, misinformation and social network activity. What is a ‘fake domain’? Typically, a fake website. Hackers register variations of valid website domains in order to hijack them and create lookalike websites with ...

Hacker Defacing 11,000 US Websites Faces 10 Years behind Bars

Pleading guilty to two felony counts of computer fraud, Billy Ribeiro Anderson, also known as ‘Anderson Albuquerque’ and ‘AlfabetoVirtual,’ now faces up to 10 years in prison, according to US prosecutors. Defacing more than 11,000 US websites, 41-year-old Anderson was accused of hacking into military, government and various business websites, ...

Scammers Target Google Chrome Extension Developers

A recent phishing campaign targeting Chrome extension developers aims to trick them into giving away usernames and passwords that hackers can use to tamper with legitimate extensions. In an attempt to collect developers’ Google account passwords, hackers have been emailing Chrome extension developers using an alleged Google employee email address ...

Best Practices for Choosing an Endpoint Detection and Response (EDR) Solution

The increase in cloud adoption has significantly impacted the way organizations think about security, in the sense that threat visibility into infrastructures has become mandatory in light of how the threat landscape has evolved. Starting from the premise that threat actors can and will breach infrastructures, organizations need to begin ...

Hide and Seek IoT Botnet Learns New Tricks: Uses ADB over Internet to Exploit Thousands of Android Devices

Hide and Seek, a new IoT botnet discovered by our honeypot system in early January, has quickly gained notoriety after amassing over 90,000 devices in a large botnet in a matter of days. While the first variant performed brute force attacks over the Telnet service to jack into devices, later ...

Privilege Escalation Vulnerability Found in Honeywell Android Computers

A total of 17 Honeywell handheld computers were recently found vulnerable to a privilege escalation bug that could enable attackers to fully compromise the device and its stored data. The remotely exploitable vulnerability (CVE-2018-14825) has been tagged as “Improper Privilege Management,” and exploitation involves a tampered third-party app that elevates ...

UK Airport Won’t Negotiate With Ransomware Attackers; Falls Back to Whiteboards

UK’s Bristol Airport computers that displayed flight departure and arrival information were taken offline by a ransomware infection, causing officials to fall back to whiteboards and paper posters. The airport’s TV screens started displaying a ransom note early Friday morning, prompting airport officials to issue a warning over the weekend ...

Veeam Leaks 200 GB Customer Database, Goldmine for Phishers

A database containing 200 gigabytes of customer data, estimated to harbor around 445 million records, has been exposed online by backup and recovery company Veeam, thanks to an improperly secured server hosted on Amazon. The database apparently contained names, email addresses, IP addresses, referrer URL addresses, customer organization size, and ...

Six Critical Vulnerabilities in Adobe ColdFusion Get Patches

Adobe recently released a series of 11 security patches, including six rated critical, and urged Adobe ColdFusion users to start applying the updates ASAP. The security advisory mentions that the 2018 and 2016 versions of ColdFusion, as well as version 11, have critical vulnerabilities that could be exploited to enable ...