A new malware downloader, AdvisorsBot, has been spotted affecting hospitality sector via email campaigns. It is being hosted by a hacker group going by the name TA555. The main targets have been restaurants, hotels and telecom sectors. Researchers from Proofpoint were able to track it back since May 2018. Major victims are from United States. […]
Large companies across the world receive phishing emails every day. There are a number of these companies who are still not aware of DMARC, however, a large number of big companies have started following DMARC policies. Companies that have adopted DMARC have seen impressive results in the fall of suspicious emails entering the company domain […]
Cyber criminals stole over Rs 94 crore from a Pune headquartered Cosmos Bank. The money was allegedly transferred to accounts outside India. The server hosted at Pune had been attacked on August 11 and 13 exploiting bank’s ATM switch vulnerability. Bank’s management filed an FIR for it on Tuesday, August 13 at 1 am at […]
The MITRE ATT&CK Framework has become increasingly popular over the last few years. It was originally developed to support Mitre’s cyberdefense work but at this point it is both an enormous knowledge base of cyberattack technology and tactics and a model for understanding how those elements are used together to penetrate a target’s defenses. The […]
Malware can enter your machine through corrupted images on any website. Malware is stored in Exchangeable Image File Format (EXIF) data. Recently instances have occurred where in hackers are hiding malware in the images and uploading such images to the Google’s official CDN (Content Delivery Network) – googleusercontent.com. How malware is embedded in an image? […]
It is high time to switch to HTTPS. The most important question lingering here is Why to move to HTTPS? To understand why, first we need to understand what is HTTPS? The Hypertext Transfer Protocol (HTTP) is an application protocol for communication over distributed, collaborative, and hypermedia information systems. HTTPS (HTTP Secure) is an adaptation of the Hypertext Transfer Protocol (HTTP) for secure communication over a computer network, and is […]
What is a DNS Rebinding Attack? DNS Rebinding Attacks are where the attacker tricks the user into binding with malicious websites and then making the user browser or device access unintended domains. Such attacks are normally used to compromise the system and exploit it as proxy for attacking the internal network. How DNS Rebinding Attacks […]
Felixroot Backdoor was first spotted in September 2017 in Ukraine spreading through pernicious banking documents with macros downloading the back door of C&C server. Felixroot Backdoor malware campaign has resurfaced using Microsft Office vulnerabilities CVE-2017-0199 and CVE-2017-11882 to compromise the victim’s windows computers. It is being distributed by the file name “Seminal.rtf” claiming to provide information on […]
It is a cliché in IT industry for people to judge software or a protocol even before using it. Many say implementing DMARC is a tedious job and so we are just good without it while there are others with the perspective and implementing DMARC is like a piece of cake and it is must […]
Always be cautious while opening email attachments. Recently, hackers have been sending weaponized PDFs containing malicious SettingContent-ms files containing FlawedAmmyy RAT, reported by researchers at SecurityOps. SettingContent-ms file opens the Control Panel for the user. The interesting aspect of this file is the <DeepLink> element in the schema. This element takes any binary with parameters and executes […]
Thanks for
When someone writes an article he/she maintains the plan of (...)
Yes True, Responsive web designs is must for all
