Collaborate Disseminate
After inflicting billions of dollars in damages since its outbreak more than a year ago, the ill-famed WannaCry ransomware continues to claim victims. Taiwan Semiconductor Manufacturing Company (TSMC), which last week reported a malware incident at its… Continue reading WannaCry still alive and kicking – TSMC confirms ‘virus’ that halted operations was the infamous ransomware
While analyzing recent drive-by download attacks, security researchers have uncovered a large malvertising operation that infiltrated the legitimate online ad ecosystem and abuses more than 10,000 compromised websites. Malicious advertising, or malver… Continue reading Researchers Uncover Massive Malvertising Operation
Recently, an interesting miner implementation appeared on Kaspersky Lab’s radar. The malware, which we dubbed PowerGhost, is capable of stealthily establishing itself in a system and spreading across large corporate networks infecting both workstations and servers. Continue reading A mining multitool
A newly uncovered hacking group has breached a number of critical infrastructure and government organizations in the Middle East with a mixture of publicly available and custom-built tools, according to new research from cybersecurity giant Symantec. Dubbed Leafminer by the company, the group has infiltrated a number of organizations in countries such as Azerbaijan, Israel, Lebanon and Saudi Arabia, with a variety of intrusion techniques. Researchers observed the group using watering hole websites, vulnerability scans and brute-force login attempts for the purposes of data theft. Symantec researchers categorized the group as “highly active,” conducting various operations since early 2017. The group targeted a wide range of sectors, including energy, government, finance and telecommunications. According to Vikram Thakur, Symantec’s technical director, the group was active up until publication of the company’s research. “Their servers are very much still up,” Thakur told CyberScoop. The group is particularly adept at honing its skills based […]
The post Newly uncovered ‘Leafminer’ hacking group hitting wide array of Middle Eastern targets appeared first on Cyberscoop.
Even though the Shadow Brokers told customers to use privacy-focused cryptocurrency Zcash, researchers may have found clues pointing to who tried to buy more of the group’s wares. Continue reading Cryptocurrency Transactions May Uncover Sales of Shadow Broker Hacking Tools
The malware targets Windows servers with a cornucopia of well-known exploits, all within a single executable — including the EternalBlue NSA hacking tool. Continue reading MassMiner Takes a Kitchen-Sink Approach to Cryptomining
Cryptomining malware has dethroned ransomware as the number one cyber threat, and as such, it is evolving rapidly. That being said, a Python-based Monero miner using stolen NSA exploits and disabling security features has been discovered by security re… Continue reading PyRoMine Utilizes EternalBlue Exploit, Disables Security Features
By Waqas
The IT security researchers at Fortinet have discovered a dangerous new
This is a post from HackRead.com Read the original post: PyRoMine malware disables security & mines Monero using NSA exploits
Continue reading PyRoMine malware disables security & mines Monero using NSA exploits
Today, MalwareHunterTeam reached out to me about a possible new variant of Satan ransomware.
Satan ransomware itself has been around since January 2017 as reported by Bleeping Computer.
In this blog post we’ll analyse a new version of th… Continue reading Satan ransomware adds EternalBlue exploit
This is the reality now. With Wednesday’s apparent tempest-in-a-teapot ransomware attack at Boeing, the possibility remains for even the biggest organizations to come to a crippling halt at the mere hint that WannaCry has been redeveloped, reworked and set out in the wild. The Seattle Times’ initial story relayed as much, as Boeing’s chief engineer sent out a companywide memo Wednesday calling for “all hands on deck” in the initial aftermath. A few hours passed, and suddenly what was WannaCry’s next great casualty was nothing more than an uncomfortable afternoon for the aviation giant’s IT teams. “A number of articles on a malware disruption are overstated and inaccurate,” a Boeing statement read. “Our cybersecurity operations center detected a limited intrusion of malware that affected a small number of systems. Remediations were applied and this is not a production or delivery issue.” Yet while Boeing avoided being labeled as infosec’s Next Great […]
The post The fear over WannaCry is still very real appeared first on Cyberscoop.