Archive for December, 2018


Companies in the automotive sector in Italy have been hit by the Roma225 cyber espionage campaign, which uses the Revenge RAT. Cyber security experts from Cybaze-Yoroi ZLab: the malware was spread via email that impersonated a partner of a large Brazilian law firm.

What first arose as a server outage was identified Saturday as a malware attack, which appears to have originated from outside the United States and hobbled computer systems and delayed weekend deliveries of the Los Angeles Times and other newspapers across the country.

FireEye assesses APT33 may be behind a series of intrusions and attempted intrusions within the engineering industry. Public reporting indicates this activity may be related to recent destructive attacks. FireEye’s Managed Defense has responded to and contained numerous intrusions that we assess are related. The actor is leveraging publicly available tools in early phases of the intrusion; however, we have observed them transition to custom implants in later stage activity in an attempt to circumvent our detection.

Anomali Labs, in its continued hunt for the destructive Shamoon malware, has identified a new Shamoon malware sample that uses an image of a burning US Dollar as part of its destructive attack. Historic versions of the Shamoon destructive wiper have utilized images of a burning American flag and the drowned Syrian refugee and child Alan Kurdi as part of targeted attacks attributed to the Iranian State. The image includes the text “WE WILL TAKE REVENGE ON THE BLOOD AND TEARS OF OUR CHILDREN” which is displayed in tandem with the overwriting of files on a victim’s system.

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Almost 1,000 North Korean defectors have had their personal data leaked after a computer at a South Korean resettlement centre was hacked, the unification ministry said.

TL;DR: There is an ongoing attack against users where servers raise exceptions when a client broadcasts a transaction; in this case the error text is displayed as is in the client GUI. The attacker has spawned lots of servers on different /16 IPv4s to increase his chances of being connected to. The error messages are trying to get the user to download and install malware (disguised as updated versions of electrum).

A ransomware called JungleSec has been infecting victims through unsecured IPMI (Intelligent Platform Management Interface) cards since early November.

The latest version of Google's OS, Android Pie, implements significant enhancements for cybersecurity, including stronger encryption and authentication.

BevMo recently learned of a data incident from the ecommerce service provider that operates our website at http://www.bevmo.com. This incident may have affected certain customers’ payment card numbers and other information entered on the BevMo website for a limited period of time. We are providing this notice as a precaution to inform potentially affected customers about this incident and to call your attention to steps you can take to help protect your personal information. We sincerely regret any concern this may cause you.