Avoiding the rising DNS Binding Attacks for the smart devices

Is your device safe from DNS Rebinding Attack_

What is a DNS Rebinding Attack? DNS Rebinding Attacks are where the attacker tricks the user into binding with malicious websites and then making the user browser or device access unintended domains. Such attacks are normally used to compromise the system and exploit it as proxy for attacking the internal network. How DNS Rebinding Attacks […]

Continue reading


FelixRoot Backdoor Malware Resurfaced in a recent Campaign

Felixroot Backdoor

Felixroot Backdoor was first spotted in September 2017 in Ukraine spreading through pernicious banking documents with macros downloading the back door of C&C server. Felixroot Backdoor malware campaign has resurfaced using Microsft Office vulnerabilities CVE-2017-0199 and CVE-2017-11882 to compromise the victim’s windows computers. It is being distributed by the file name “Seminal.rtf” claiming to provide information on […]

Continue reading


FlawedAmmyy RAT being delivered via TA505 email spam campaigns

FlawedAmmyy RAT

Always be cautious while opening email attachments. Recently, hackers have been sending weaponized PDFs containing malicious SettingContent-ms files containing FlawedAmmyy RAT, reported by researchers at SecurityOps. SettingContent-ms file opens the Control Panel for the user. The interesting aspect of this file is the <DeepLink> element in the schema. This element takes any binary with parameters and executes […]

Continue reading


Bypass glitch makes Mac OS vulnerable due to improper code-signing implementation

Is your MacOS secure

A bypass found in third party developers’ interpretation of code signing API allowed for unsigned malicious code to appear to be signed by Apple. All the third-party vendors have issued patch once they realized that their software was not interacting correctly with the Apple’s code-signing API. Without the patch, attackers can craft malicious code and […]

Continue reading


Why Blockchain may not be the elixir to internet security

blockchain

Every architect, builder and designer knows that the right tool can solve the most difficult problems in a jiffy but at the same time, that tool cannot be right for all the situations. There are a lot of confusions running around regarding Blockchain. Many consider it equivalent to bitcoins although both are different, bitcoin being […]

Continue reading


Top 3 cyber security concepts for 2018

2018 Cyber Security Concepts

Cyber security is taking a new turn every year. Its very crucial to stay updated with the latest cyber security concepts and solutions to thrive in the market. The 2018 RSA Conference was exceedingly productive and proactive in bringing out latest cyber security concepts instead of relying on the outdated, legacy ones. Here is a […]

Continue reading


Internet Explorer Zero-day “Double-kill”

Internet Explorer zero-day

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code, host website and lead the victim to view compromised websites. Kaspersky and Qihoo360 independently discovered this zero-day vulnerability (CVE-2018-8174)  for Internet Explorer […]

Continue reading


Cryptojacking Attack hits Aditya Birla Group

Aditya Birla Group became a victim of a huge Cryptojacking Attack

A big cryptojacking attack took place first time in the country last month. The target was the Aditya Birla Group – one of India’s largest business conglomerates headquartered at Mumbai. 2000 plus computers were infected by cyber criminals for cryptojacking – a cyber attack where hackers misuse the victim’s terminals and exploit their processing power […]

Continue reading


Data hacked during EPFO-Aadhar seeding

epfo aadhar

Cyber criminals seem to have hacked the EPFO data which holds information like name, Aadhar card number, bank details of 2.7 Cr Indians. The vulnerabilities in Aadhar seeding with PF accounts may have been exploited to steal the data. The statement from the EPFO came amid reports of a letter allegedly written by EPFO Central Provident […]

Continue reading


Rarog – A cryptomining Trojan is out in the wild

Rarog

A malware family Rarog is out in the internet and being excessively used by the cyber criminals to execute cryptocurrency mining operations. Reseachers claim it to be an appealing option for hackers due to its low cost, easy configurations and support for multiple cryptocurrencies. Palo Alto Networks’ Unit 42 research team, which posted a blog on Wednesday […]

Continue reading