Author : admin

Malvertising in Google Search Results Delivering Stealers

Kaspersky observes a growth in malvertising activity that exploits Google search ads to promote fake software websites that deliver stealers, such as RedLine and Rhadamanthys. The threat actors create copies of legit software websites while employing typosquatting (exploiting incorrectly spelled popular brands and company names as URLs) or combosquatting (using popular brands and company names […]

Chinese Espionage Attack on South East Asian Gov

At the beginning of 2021, Check Point Research identified an ongoing surveillance operation they named Sharp Panda that was targeting Southeast Asian government entities. The attackers used spear-phishing emails to gain initial access to the targeted networks. These emails typically contained a Word document with government-themed lures that leveraged a remote template to download and […]

OneNote Abused by Cybercriminals

Threat actors are taking advantage of Microsoft OneNote’s ability to embed files and use social engineering techniques, such as phishing emails and lures inside the OneNote document, to get unsuspecting users to download and open malicious files. Once clicked, an attacker can use the embedded code for various malicious purposes, such as stealing data or […]

Emotet Malicious Mail is Back

After several months of inactivity, the Emotet botnet resumed email activity this morning at 8:00am EST. The malicious emails seem to be replying to already existing email chains, with the addition of an attached .zip file. The .zip files are not password protected. The themes of the attached files include finances and invoices. The .zip […]

Manually Creating Swap Partition

Continuing from this article: https://anyware.com.sg/re-sizing-linux-storage/ What happened to Swap… Creating a swap partition alone does not suffice for it to be used by the system; it has to be initialized and activated. To initialize: # mkswap /dev/sda5 To activate: # swapon /dev/sda5 When I recreated the partition I didn’t know about the above and this… New Swap […]

Re-Sizing Linux Storage

Continuing from this article: https://anyware.com.sg/debian11-128mb/ While testing out the file server services, the storage space soon filled up. That’s when I realised I had provisioned only 16GB of storage, most likely because I thought I wouldn’t be doing anything else besides sftp testing. So how exactly did I increase the storage size… There are a couple of options in […]

WithSecure has developed Ransomware undo tech

Ransomware attacks have plagued organizations for the past several years, inflicting considerable financial losses. To help organizations manage ransomware and other threats, WithSecure™ (formerly known as F-Secure Business) has developed a new technology that can essentially undo the damage malware can cause. The technology, called Activity Monitor, was developed to make the capabilities of a sandbox […]

Debian 11 on 128 MB RAM

Coming from the Win 3.1 days, I can’t fathom what the craze is with modern operating systems gobbling GBs of RAM. Therefore I took it upon myself to find which modern OS can smoothly run with the least amount of RAM. So I set out some parameters the OS should serve, like it should have the complete […]

Some Pixel Phones are crashing cos of YouTube videos

A specific YouTube video is causing some Pixel phones to crash, as reported by Android Authority. When those who are affected by the problem try to watch the video, their phone instantly reboots. Some, including Android Authority, have also said their phones present cellular network issues afterward. (Android Authority said those issues were fixed after another reboot.) […]

Imposter HTTP Libraries Lurk on PyPI

ReversingLabs researchers discovered more than three dozen malicious packages on the PyPI repository that mimic popular HTTP libraries. The descriptions for these packages, for the most part, don’t hint at their malicious intent. Some are disguised as real libraries and make flattering comparisons between their capabilities and those of known, legitimate HTTP libraries. The packages […]

GlobeImposter Malware’s latest campaign

Since 2017, campaigns delivering GlobeImposter have continued to proliferate even though the ransomware has only evolved slightly. GlobeImposter is most often delivered via phishing email as an attachment or a link to a malicious attachment. The payloads are typically distributed via 7zip or traditional zip file archives. The archives often include a JavaScript (.js) file […]

Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities

The United States National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Department of Health and Human Services (HHS), the Republic of Korea (ROK) National Intelligence Service (NIS), and the ROK Defense Security Agency (DSA) are issuing this joint Cybersecurity Advisory (CSA) to […]

Hunting Cyber Evil Ratels

Brute Ratel, a commercial Red Team Operations framework developed by Chetan Nayak, an expert red teamer, has been used by attackers both in cybercrime and APT operations. This Red Team framework is designed to be capable of being highly evasive and undetectable by security products, as demonstrated by many shellcodes intercepted through hunting activities with […]

ProxyShellMiner Targets Windows Endpoints

Morphisec has recently identified a highly evasive malware campaign delivering ProxyShellMiner to Windows endpoints. As the name suggests, ProxyShellMiner exploits the ProxyShell vulnerabilities CVE-2021-34473 and CVE-2021-34523 in Windows Exchange servers for initial access and compromise of an organization to deliver crypto miners. After successfully breaching an Exchange server and obtaining control, the attackers use the […]

Cl0p ransomware variant targets Linux

SentinelLabs observed the first ELF variant of Cl0p (also known as Clop) ransomware targeting Linux systems on the 26th of December 2022. The new variant is similar to the Windows variant, using the same encryption method and similar process logic. While the Windows versions contain a hashing algorithm in order to avoid encrypting specific […]

ESXi: ransomware target

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors may be exploiting known vulnerabilities in VMware ESXi servers that are likely running unpatched and out-of-service or out-of-date versions of VMware ESXi […]

Phishing Activities in 2022

Phishing scams continue to plague the internet in 2022, more now than ever. This article explores the latest data and current trends and shows you how to avoid a phishing attack today. Cybercrime consultants have found over a million discrete phishing attacks perpetrated this year, which is up by 61% from the same time period in 2021. In […]

Ransomware Group Targets Manufacturing Companies

Vice Society, which was initially reported to be exploiting the PrintNightmare vulnerability in its routines, has previously deployed ransomware variants such as Hello Kitty/Five Hands and Zeppelin (the group’s email has been in their ransom notes). More recently, Vice Society has been able to develop its own custom ransomware builder and adopt more robust encryption […]
