Check Point Research encountered an Android Banking Malware named FakeCalls, a malware that can masquerade as one of more than 20 financial applications and imitate phone conversations with bank or financial service employees – this attack is called voice phishing. FakeCalls malware targeted the South Korean market and possesses the functionality of a Swiss army […]
Royal Ransomware
Backed by threat actors from Conti, Royal ransomware is poised to wreak havoc in the threat landscape, starting strong by taking a spot among the most prolific ransomware groups within three months since it was first reported. Combining new and old techniques and quick evolution, it is likely to remain a big player in the […]
Fake ChatGPT Chrome Extension Hijacking Facebook Accounts
A Chrome Extension propelling quick access to fake ChatGPT functionality was found to be hijacking Facebook accounts and installing hidden account backdoors. Particularly noticeable is the use of a malevolent silently forced Facebook app “backdoor” giving the threat actors super-admin permissions. By hijacking high-profile Facebook business accounts, the threat actor creates an elite army of […]
Tips And Best Practices For Small Business Email Management
One of my friends, Janet, is a classic example of why you need email management in your business. She constantly receives hundreds of emails at work. One day, she had an important client presentation in the afternoon. But the client sent her an email the previous night rescheduling the meeting to the early morning instead. […]
Malvertising in Google Search Results Delivering Stealers
Kaspersky observes a growth in malvertising activity that exploits Google search ads to promote fake software websites that deliver stealers, such as RedLine and Rhadamantys. The treat actors create copies of legit software websites while employing typosquatting (exploiting incorrectly spelled popular brands and company names as URLs) or combosquatting (using popular brands and company names […]
Chinese Espionage Attack on South East Asian Gov
At the beginning of 2021, Check Point Research identified an ongoing surveillance operation they named Sharp Panda that was targeting Southeast Asian government entities. The attackers used spear-phishing emails to gain initial access to the targeted networks. These emails typically contained a Word document with government-themed lures that leveraged a remote template to download and […]
OneNote Abused by Cybercriminals
Threat actors are taking advantage of Microsoft OneNote’s ability to embed files and use social engineering techniques, such as phishing emails and lures inside the OneNote document, to get unsuspecting users to download and open malicious files. Once clicked, an attacker can use the embedded code for various malicious purposes, such as stealing data or […]
Emotet Malicous Mail is Back
After several months of inactivity, the Emotet botnet resumed email activity this morning at 8:00am EST. The malicious emails seem to be replying to already existing email chains, with the addition of an attached .zip file. The .zip files are not password protected. The themes of the attached files include finances and invoices. The .zip […]
Manually Creating Swap Partition
Continuing from this articles…https://anyware.com.sg/re-sizing-linux-storage/ What happened to Swap…. Creating Swap partition alone would not suffice that it would be used by the system; it has to be initialized and activated. To initialize: # mkswap /dev/sda5 To activate: # swapon /dev/sda5 When I recreated the partition I didn’t know about the above and this… New Swap […]
Re-Sizing Linux Storage
Continuing from this article https://anyware.com.sg/debian11-128mb/ While testing out the file server services; the storage space soon filled up. That’s when I realised I had provisioned only 16GB of Storage most likely I thought I’m won’t doing anything else besides sftp testing. So how exactly I increased the Storage size… There are couple of options in […]
Withsecure has developed Ransomware undo tech
Ransomware attacks have plagued organizations for the past several years, inflicting considerable financial losses. To help organizations manage ransomware and other threats, WithSecure™ (formerly known as F-Secure Business) has developed a new technology that can essentially undo the damage malware can cause. The technology, called Activity Monitor, was developed to make the capabilities of a sandbox […]
Debian 11 on 128 MB RAM
Coming from Win 3.1 days, I can’t fathom what the craze with modern operating systems gobbling GBs of RAM. Therefore I took it on myself to find which modern OS can smoothly run with the least amount of RAM. So I set out some parameter the OS should server, like it should have the complete […]
Some Pixel Phones are crashing cos of YouTube videos
A specific YouTube video is causing some Pixel phones to crash, as reported by Android Authority. When those who are affected by the problem try to watch the video, their phone instantly reboots. Some, including Android Authority, have also said their phones present cellular network issues afterward. (Android Authority said those issues were fixed after another reboot.) Readmore …. […]
Imposter HTTP Libraries Lurk on PyPI
ReversingLabs researchers discovered more than three dozen malicious packages on the PyPI repository that mimic popular HTTP libraries. The descriptions for these packages, for the most part, don’t hint at their malicious intent. Some are disguised as real libraries and make flattering comparisons between their capabilities and those of known, legitimate HTTP libraries. The packages […]
S1deload Stealer – Social Network Account Hijacker
An active malware campaign has set its sights on Facebook and YouTube users by leveraging a new information stealer to hijack the accounts and abuse the systems’ resources to mine cryptocurrency. Bitdefender is calling the malware S1deload Stealer for its use of DLL side-loading techniques to get past security defenses and execute its malicious components. […]
GlobeImposter Malware’s latest campagin
Since 2017, campaigns delivering GlobeImposter have continued to proliferate even though the ransomware has only evolved slightly. GlobeImposter is most often delivered via phishing email as an attachment or a link to a malicious attachment. The payloads are typically distributed via 7zip or traditional zip file archives. The archives often include a JavaScript (.js) file […]
Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
The United States National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Department of Health and Human Services (HHS), the Republic of Korea (ROK) National Intelligence Service (NIS), and the ROK Defense Security Agency (DSA) are issuing this joint Cybersecurity Advisory (CSA) to […]
Hunting Cyber Evil Ratels
Brute Ratel a commercial Red Team Operations framework developed by Chetan Nayak, an expert red teamer, has been used by attackers both in cybercrime and APT operations. This Red Team framework is designed to be capable of being highly evasive and undetectable by security products, as demonstrated by many shellcodes intercepted through hunting activities with […]
ProxyShellMiner Targets Windows Endpoints
Morphisec has recently identified a highly evasive malware campaign delivering ProxyShellMiner to Windows endpoints. As the name suggests, ProxyShellMiner exploits the ProxyShell vulnerabilities CVE-2021-34473 and CVE-2021-34523 in Windows Exchange servers for initial access and compromise of an organization to deliver crypto miners. After successfully breaching an Exchange server and obtaining control, the attackers use the […]
Cl0p ransomware variant targets Linux
SentinelLabs observed the first ELF variant of Cl0p (also known as Clop) ransomware variant targeting Linux systems on the 26th of December 2022. The new variant is similar to the Windows variant, using the same encryption method and similar process logic. While the Windows versions contain a hashing algorithm in order to avoid encrypting specific […]