Alerts

If you have an account with Microsoft's Outlook email service, there is a possibility that your account information has been compromised by an unknown hacker or group of hackers, Microsoft has confirmed.

Earlier this year, hackers managed to breach Microsoft’s customer support portal and access information related to some email accounts registered with the company’s Outlook service. Yesterday, a user on Reddit publicly posted a screenshot of an email he received from Microsoft warning that unknown attackers were able to access some information from his Outlook account between 1 January 2019 and 28 March 2019.

Drupal, the popular open-source content management system, has released security updates to address multiple “moderately critical” vulnerabilities in Drupal Core that could allow remote attackers to compromise the security of hundreds of thousands of websites.

According to the advisories published today by the Drupal developers, all security vulnerabilities Drupal patched this month reside in third-party libraries that are included in Drupal 8.6, Drupal 8.5 or earlier and Drupal 7.

One of the security flaws is a cross-site scripting (XSS) vulnerability that resides in a third-party plugin called jQuery, the most popular JavaScript library, which is used by millions of websites and also comes pre-integrated in Drupal Core.

The National CSIRT-CY would like to inform you of a ransomware attack that is currently in progress worldwide.

Following analysis by the National CSIRT-CY, the following IOCs (hashes) were found.

 

File details

Type: PE32 executable (GUI) Intel 80386, for MS Windows
FileName: sql.exe
Size: 94720 bytes
MD5: 5a9eb8d21148bc8b54460d03f4f7c3b6
SHA1: e2bf54f632b98b3f77d15794bf1251d1cf4e2974
SHA256: e83d9e54f12139150e2ba6ed2f6b119dcc593ea7dc3137cef8942674bf69490b
SHA512: 7f208bb599d571758cf575ca998ec06f5a5efc79a7763cccc6e884c72b85fd106cc3f3d8adbb153fec14523a94d6b00e8b4c93036553cd7c8fb92d33def7559c


Uniden’s website for commercial security products has been hacked to host a Word document that delivers what appears to be a garden-variety version of the Emotet trojan, also known as Geodo and Heodo.

Compared to Uniden’s main website, which offers a wide range of electronic products (radios, scanners, radar detectors, dash cams, cellular boosters), the solutions available on the commercial branch are limited to cameras (both IP and analog) and network video recorders (NVRs).

Emotet sitting nice and snug

Discovered by threat tracker JTHL, the malicious Word file is stored in the ‘/wp-admin/legale/’ folder and includes a macro that downloads what seems to be a variant of Emotet, according to URLhaus, a project from abuse.ch that collects, tracks and shares malicious URLs with security professionals and network administrators.

With the help of 265 volunteer security researchers, over a period of about ten months, the URLhaus project contributed to taking down 100,000 websites actively engaged in malware distribution.


If you downloaded the VSDC multimedia editing software between late February and late March this year, there is a high chance that your computer has been infected with a banking trojan and an information stealer.

The official website of the VSDC software (one of the most popular free video editing and converting apps, with over 1.3 million monthly visitors) was hacked, unfortunately once again.

According to Dr. Web, hackers hijacked the VSDC website and replaced its software download links with links leading to malware versions, tricking visitors into installing the dangerous Win32.Bolik.2 banking trojan and the KPOT stealer.
