Java/Adwind is typically spread as an executable file attached to spam email messages. When the file attachment is launched, the archive file drops malicious components onto the system, then continues to run in the background. On a Windows machine, the components are dropped to the %AppData% folder. When running in the background, the Adwind archive […]
Adwind: Malware-as-a-Service Platform Read More »
Cybersquatting or URL Hijacking simply means squatting or sitting on the cyber or domain name of someone else. It involves buying website URLs of popular business names or trademarks so that they can resell it at a cost. Typosquatting, on the other hand, makes use of common typing mistakes when typing the domain name of popular websites in the address
Cybersquatting and Typosquatting Read More »
The Ursnif Trojan (also known as Gozi ISFB or Dream bot) is one of the most prolific information-stealing Trojans in the cybercrime landscape. Since its reappearance in early 2013, it has been constantly evolving. In 2015, its source code was leaked and made publicly available on Github, which led to further development of the code by different threat
Troldesh aka Encoder.858 or Shade is a Trojan and a crypto-ransomware variant created in Russia and spread all over the world. Troldesh is based on so-called encryptors that encrypt all of the user’s personal data and extort money to decrypt the files. Troldesh encrypts a user’s files with a “.xtbl” extension. Troldesh is spread initially
Troldesh Ransomware Read More »
QualPwn is a set of vulnerabilities found in Qualcomm Snapdragon 835 and 845 chips. One vulnerability compromises your phone’s WLAN and Modem over-the-air. The other can open backdoors for attackers to the Android Kernel from the WLAN chip. It was first identified by Tencent Blade Team and they have published their findings in BlackHat USA 2019 and DEFCON
