Recent Posts

Security Alerts & Briefings / Re: Ad Blocking
« Last post by plodr on January 18, 2019, 12:50:17 PM »
I also don't use Chrome on Windows computers.
I use uBlockOrigin in most of the browsers and AdBlockPlus in IE because uBlockOrigin isn't available for that.
Web News / Windows Zero-Day Bug that Overwrites Files Gets Interim Fix
« Last post by Antus67 on January 18, 2019, 11:22:33 AM »
By Ionut Ilascu

A micropatch has been released today for a vulnerability in Windows that allows overwriting files, even system ones, with arbitrary data.

The bug was disclosed on December 27 by the security researcher using the online alias SandboxEscaper. Before that, she tweeted that she let Microsoft know about the flaw in an email to Microsoft Security Response Center (MSRC).

Full Article Here:
Web News / Most Facebook users aren’t aware that Facebook tracks their interests
« Last post by Antus67 on January 18, 2019, 11:16:47 AM »
BY: Zeljka Zorz, Managing Editor, January 18, 2019

Too many Facebook users aren’t aware that the company uses the information provided by them and their actions on the platform and outside of it to create a list of their traits and interests, which is then used to target them with relevant ads.

According to the results of a new Pew Research Center survey, which polled a representative sample of US-based, adult Facebook users:

    88% discovered that the site had generated some material for them.
    74% say they did not know about the platform’s list of their interests (ad preferences page) before being directed to it for the purposes of the survey.
    60% of Facebook users have 10 or more categories listed on their ad preferences page.
    59% say these categories reflect their real-life interests, 27% say they are not very or not at all accurate in describing them.
    51% say they are not comfortable that the company created such a list.

Full Article Here:
Web News / Fake GPS Apps with 50M Installs Just Show Ads and Run Google Maps
« Last post by Antus67 on January 18, 2019, 01:53:21 AM »
By Lawrence Abrams

19 Android apps with over 50 million installs were found on the Google Play store that state that they are full featured GPS apps, but instead simply show an advertisement and then show Google Maps.

These apps were discovered by ESET Android security researcher Lukas Stefanko who stated that they promote themselves as full featured apps and use screenshots from other legitimate apps to entice users to install them.

Full Article Here:
Web News / Android Apps Steal Banking Info, Use Motion Sensor to Evade Detection
« Last post by Antus67 on January 18, 2019, 01:48:38 AM »
By Sergiu Gatlan

Two Android apps infected with banking malware were found on the Google Play Store, already having been installed on thousands of Android devices and sporting dozens of fake five-star ratings.

The Trend Micro malware research team linked the malware payload found in the two apps with the Anubis banking Trojan based on code similarity and a shared command and control (C&C) server (i.e.,, known to have been targeting the Android platform for the last two years.

Full Article Here:
Web News / ES File Explorer Flaws Put 100 Million Users' Data at Risk, Fix Promised
« Last post by Antus67 on January 18, 2019, 01:44:15 AM »
By Sergiu Gatlan

A hidden web server always running in the background was found by security researcher Robert Baptiste in ES File Explorer, an Android file manager with over 100,000,000 installs displayed on the Google Play store page and over 500 million users worldwide according to its developer.

As discovered by Baptiste, right after launching the app it will start a local HTTP server on port 59777 which will stay open until all the background services of ES File Explorer are killed:

Every time a user is launching ES File Explorer, an HTTP server is started. This server is opening locally the port 59777. An attacker connected on the same local network as the victim can obtain a lot of juicy information (device info, app installed, ...) about the victim's phone, remotely get a file from the victim's phone and remotely launch an app on the victim's phone.

Full Article Here:
Web News / Twitter Fixes Four Year Old Bug in Android App Exposing Private Tweets
« Last post by Antus67 on January 18, 2019, 01:39:13 AM »
By Ionut Ilascu

Twitter announced today that an issue in its app for Android exposed some users’ protected tweets for over four years if they made certain changes to their account settings.

As a result, content intended only for approved followers became publicly visible.

Bug survived since late 2014

The problem caused the “Protect your Tweets” feature to become disabled for users of Twitter for Android that had it turned on and also made some modifications to their account, such as updating the associated email address.

Full Article Here:
Web News / BlackRouter Ransomware Promoted as a RaaS by Iranian Developer
« Last post by Antus67 on January 18, 2019, 01:34:51 AM »
By Lawrence Abrams

A ransomware called BlackRouter has been discovered being promoted as a Ransomware-as-a-Service on Telegram by an Iranian developer. This same actor previously distributed another ransomware called Blackheart and promotes other infections such as a RAT.

BlackRouter was originally spotted in May 2018 and had its moment of fame when TrendMicro discovered it dropping the AnyDesk remote access program and keyloggers on victims' computers.

Full Article Here:
Web News / Cryptomining Malware Uninstalls Cloud Security Products
« Last post by Antus67 on January 18, 2019, 01:29:56 AM »

Author: Lindsey O'Donnell
January 17, 2019 9:03 am

New samples of cryptomining malware perform a never-before-seen function: uninstalling cloud security products.

Researchers say they have discovered a unique malware family capable of gaining admin rights on targeted systems by uninstalling cloud-security products. Instances of the malicious activity are tied to coin-mining malware targeting Linux servers.

Palo Alto Networks’ Unit 42, which published the report Thursday, said that the malware samples it found do not compromise, end-run or attack the security and monitoring products in question; they rather simply uninstall them from compromised Linux servers.

Full Article Here:
Web News / Ongoing Attacks Hit West African Financial Institutions Since Mid-2017
« Last post by Antus67 on January 18, 2019, 01:25:48 AM »
By Ionut Arghire on January 17, 2019

Cyber-attacks that have been ongoing since at least mid-2017 hit financial institutions in West Africa, Symantec security researchers report.

The attackers employed commodity malware and living-off-the-land tools to hit targets in Ivory Coast, Cameroon, Congo (DR), Ghana, and Equatorial Guinea to date. The identity of the attackers, however, remains unknown.

Four different types of attacks were used against financial organizations in the region, with the first of them underway since at least mid-2017. Organizations in Ivory Coast and Equatorial Guinea were infected with the NanoCore Trojan, but the legitimate PsExec tool was also used.

Full Article Here: