Security News

Thu
21
Sep

Xafecopy Trojan: How to protect your money from being stolen through your smartphone?

With the rapid growth of technology in the Digital World, the number of cybersecurity breaches has grown proportionately or even more. The year 2017 has witnessed numerous ransomware and malware attacks across the world so far. The new malware “Xafecopy Trojan” which steals money from mobile phone users has been recently detected by 'Kaspersky', a Russia based internet security firm. The malware has already infected more than 4800 Android users in just a month in around 47 countries including India, Russia, Turkey, and Mexico. The penetration rate reveals that an alarming rate of 40 percent of the malware's targets has been in India.
 

How does Xafecopy Trojan work?

Tue
27
Jun

Petya (Petwrap) Ransomware Attack

There is another major ransomware attack named "Petya" which is spreading quickly and affecting various countries globally. Ransomware is a malicious malware, which typically restricts users' access to machine until a said ransom is paid to get the key and unlock it.
 
Petya ransomware reboots victim's computer, encrypts master file table including rendering the master boot records (MBR) of infected Windows computer, thus making the affected computer unusable. Present reports indicate that the ransomware exploit vulnerabilities in Server Message Block (SMB).
 
Please read the attached document for more details on this ransomware.
Wed
21
Jun

Info-security Europe 2017 Summary Report on application security trends for Q1 – Q2 2017.

Info-security Europe 2017 Summary Report on application security trends for Q1 – Q2 2017.
1.     Bug Bounty fatigue trend : 9/10 web applications of private or public bug bounty program contained at least two high-risk vulnerabilities undetected by the crowd security testing. Such vulnerabilities require a thorough understanding of web application structure, architecture and business logic. Researchers adapt their testing targets and methodologies looking for the flaws that do not require a lot of time to detect. Google’s Project Zero Prize, ended without a single valid submission, is a good example that no researchers are motivated to spend endless nights on complicated vulnerabilities and exploitation techniques, without a solid assurance of payment

Mon
15
May
Mon
15
May

A Note on WannaCry/WanaCrypt0r Ransomware

Ransomware is a malicious software that encrypts the files and locks device, such as a computer, tablet or smartphone and then demands a ransom to unlock it. Recently, a dangerous ransomware named 'Wannacry' has been affecting the computers worldwide creating the biggest ransomware attack the world has ever seen. This has affected computers in India also.
 
About the Wanacrypt0r Ransomware
 
Wanacrypt0r is a ransomware that infects windows systems by exploiting a vulnerability called EternalBlue.  The exploit allows access to a remote machine via SMBV1 protocol. Microsoft patched this flaw in March as MS17-010. Wanacryptor is also known as “wannacry, wcry and wannacrypt.
 
How does Wanacrypt0r work?
 
Mon
17
Apr

Android Trojan Targeting Over 420 Banking Apps Worldwide Found On Google Play Store

How Android Banking Trojan Works

BankBot is mobile banking malware that looks like a simple app and once installed, allows users to watch funny videos, but in the background, the app can intercept SMS and display overlays to steal banking information. Mobile banking trojan often disguises itself as a plugin app, like Flash, or an adult content app, but this app made its way to Google Play Store by disguising itself as any other regular Android app. Once downloaded, the app persistently requests administrative rights, and if granted, the banking malware can control everything that's happening on an infected smartphone.
 
Thu
12
Jan

Win a Career in TCS Cyber Security Team

Win a Career in TCS Cyber Security Team

Win a Career in TCS’ Cyber Security Team and grab a chance to be associated with the history of the contest as the Winner of the Inaugural Edition.

Welcome to HackQuest, TCS Ethical Hacking Contest for students passing out in 2017.
 
Eligibility Criteria: Open for Technical UG, PG & BCA students of 2017 batch with specialization in Computer Science, IT and Circuit Branches (Electronics & Electrical Engineering, Electronics & Communication, Electronics & Telecommunication, Electrical, Electronics, Electronics & Instrumentation and Instrumentation)
 
Why should you participate?
 
Fri
16
Sep

QuardRooter Vulnerability – A risk for nearly 1 billion android devices

QuardRooter Vulnerability – A risk for nearly 1 billion android devices
As Android market is growing with coverage of more than 66% of mobile operating system, Attackers are finding ways to break in to these devices with the vulnerabilities which can help in gaining access privileges.
Now with the discovery of the new QuardRooter vulnerability, nearly 1 billion android smart-phones and tablets are at risk; when these vulnerabilities are exposed, it can give attackers complete control of the device intern providing access to sensitive and corporate data on the devices.
 
What is QuadRooter?
 
According to check point research team - QuadRooter is a set of four vulnerabilities affecting Android devices built on Qualcomm chipsets and Qualcomm is world’s leading designer of LTE chipsets owning a 65% share of the LTE modem baseband market.
 
Mon
11
Jul

Beware andriod users: Pokemon GO can be a malware

Beware andriod users: Pokemon GO can be a malware
The new smash-hit game "Pokemon Go" could become bait for hackers wanting to take over your phone.
 
Researchers at security firm Proofpoint have already found an Android version of the game containing malware. Once installed, it uses a remote access tool called DroidJack that can give a hacker full access to the phone
 
Pokemon Go is the first Pokemon game sanctioned by Nintendo for iOS and Android devices. It was launched earlier this week, but so far it's only officially available in the U.S., New Zealand and Australia, through the App Store and Google Play.
 
That means people in other countries who are keen to get their hands on it might resort to side-loading the game from third-party app stores -- opening the door to a potentially infected version.
 

Pages

Subscribe to RSS - Security News