A hacker group has made $75,000 by installing Moreno miner in Linux servers by exploiting a five year old vulnerability. Rule #1: Patch your OS and software Rule #2: When in doubt refer to rule #1
FakeBank
New variant of the FakeBank have been found active in South Korea. FakeBank will superimpose a fake login in screen on top of your banking app and the new variant will also intercept out going calls to your bank and routed to scammers. Scammers can also all you and make it look like its your … Continue reading FakeBank
USB Attacks/Pen Test
Chinese Database
Chinese intelligence agencies are doctoring the Chinese National Vulnerabilities Database (CNNVD) to hide security flaws that government hackers might have an interest in. Once again China has give us even more evidence that they can never be trusted. Here is the report. Please note that in the linked web site they display the map of … Continue reading Chinese Database
Banking Trojan
Banking Trojans has been found on many low cost Android phones. Below are the list: Leagoo M5 Leagoo M5 Plus Leagoo M5 Edge Leagoo M8 Leagoo M8 Pro Leagoo Z5C Leagoo T1 Plus Leagoo Z3C Leagoo Z1C Leagoo M9 ARK Benefit M8 Zopo Speed 7 Plus UHANS A101 Doogee X5 Max Doogee X5 Max Pro … Continue reading Banking Trojan
Frontier Communication PIN
On Frontier Communications billing statement the customer's PIN number to access the account is displayed. I have talked to Frontier on two occasions and even talked to the President's office and the repose was that it's for customer convenience and they never had problems with it in that past. PIN number should be displayed at … Continue reading Frontier Communication PIN
Microsoft Word Attack
Bad actors is spreading malware via Word documents that will infect your computer without using macros. Part the problem was actually patched by the January path Tuesday. Always keep your computer patched Never open any e-mail attachments Use service such as Dropbox to send files.
Saturn Ransomware
Yet another ransomware. I am not surprised that a ransomware is popping up just about every day. Some tips on how to protect yourself: If you did not go looking for it, don't download it If your browser prompt that you need to update your Flash player, DON"T DO IT!!! Do not download any email … Continue reading Saturn Ransomware
Adobe Flash Zero Day
Yet another Flash player zero day. The latest one is created by North Korean hackers. I recommend that we should all uninstall Flash. To uninstall Flash just go to Adobe web site and search "uninstall flash" and the first two results will be what you need. Remember to do the search in Adobe web site … Continue reading Adobe Flash Zero Day
Social Security
I you are getting Social Security retirement money via direct deposit, you need to register yourself at SSA.GOV. Apparently crooks are registering people and hijacking their Social Security money. Brian Krebs has a very nice write at his site.
