
Posts

Showing posts from July, 2020

Kaspersky: North Korean hackers are behind the VHD ransomware

North Korean hackers have returned to actively deploying ransomware after the huge WannaCry debacle. Antivirus maker Kaspersky said in a report today that hackers associated with the North Korean regime are behind a new ransomware strain known as VHD. The report details two incidents to which Kaspersky was privy, in which intruders gained access to companies' networks and deployed the VHD ransomware. Kaspersky's experts say that the tools and techniques used during the two intrusions link the attackers to the Lazarus Group, a generic name for hackers working for the Pyongyang regime. These included:
- the use of the MATA (Dacls) malware framework to deploy VHD as the final payload
- the use of techniques for moving across a victim's internal network that were previously observed in past Lazarus campaigns
"The data we have at our disposal tends to indicate that the VHD ransomware is not a commercial off-the-shelf product; and as far as we know, the Lazarus group is the sole owner of the MATA fram

Chinese APT Group Attacks India and Hong Kong With New Variant of MgBot Malware & Android RAT

A Chinese state-sponsored hacking group is targeting India and Hong Kong with a phishing campaign whose lures are tailored to each region. The campaign uses documents with the filenames 'Mail security check' and "Boris Johnson Pledges to Admit 3 Million From Hong Kong": the 'Mail security check' document targets India and the "Boris Johnson Pledges to Admit 3 Million From Hong Kong" document targets Hong Kong. According to Malwarebytes' analysis, the campaign is operated by a Chinese state-sponsored actor that has been active since at least 2014.
Spear-Phishing to Install MgBot Malware
The campaigns have been active since July 2. In the first campaign the group used a Cobalt Strike variant delivered through a weaponized Word document. A day after the first attack the APT group changed its template to drop a loader called MgBot, which abuses the Windows Application Management (AppMgmt) service to deliver the final payload. The campaign

Five games like GTA for mobile

5 best games like GTA for mobiles: Many players look for new mobile games that give them the GTA vibe. Check out these five similar titles that you can play on your mobile phone. GTA is undoubtedly the king of open-world games, and while no one can hope to touch the legacy of the legendary franchise, some games are a lot like GTA and can be played on your phone. These games take the best elements from GTA and combine them with a few new features to come out with some exciting and fresh gameplay, which is worth checking out.
Five best games like GTA on your phone
Max Payne Mobile
Max Payne is a Rockstar Games original and will give you the same gameplay and theatric quality that GTA has to offer. A third-person shooter like the original PC version, Max Payne centres around the thick, murky plot of an undercover cop as he uncovers how and why his family was murdered. Guaranteed to make you feel like you're on the edge of your seat, this game will leave you with the same tone and e

BlackRock Malware steals credit card details, password from 337 android apps

New Android malware has been discovered that steals data such as credit card details and passwords from 337 applications, including popular apps such as Amazon, Gmail, Uber, Netflix, and more.
Highlights
The malware was discovered by the mobile security firm ThreatFabric. It is being distributed as fake Google update packages offered on third-party websites. The malware is capable of intrusive operations such as performing SMS floods, starting specific apps, showing custom push notifications, and sabotaging mobile antivirus apps.
About the malware
The malware is based on the leaked source code of another malware, Xerxes, which in turn is based on strains of other malware. BlackRock adds enhanced capabilities for stealing passwords and credit card details, which it collects through overlays.
Working of the malware
The malware asks for credit card details and login credentials before the user enters the app. It asks for the phone's accessibility feature. It

Elon, Bill, Obama, everyone's twitter accounts have been compromised!

Something normal happened on Twitter earlier this afternoon. Someone claiming to be Elon Musk started tweeting an obvious scam to entice his loyal bootlickers to send bitcoin to a random cryptocurrency wallet. This happens all the time, but the strange thing about today was that the tweets were coming from Musk's verified account. And nearly identical tweets were coming from accounts of people like Bill Gates, Jeff Bezos, Kanye West, Joe Biden, Barack Obama, Warren Buffett, every major crypto-exchange, and I'm quickly losing track of all of 'em. This is obviously the result of a Twitter hack the likes of which we've never seen before. A spokesperson for the social network told Gizmodo that they are aware of the situation and will issue a statement shortly, which they did right before publication. The hackers appear to be using a number of different wallets, but the address being used on tweets from Musk and Gates has received around $59,000 worth of bitcoin so far. The sudden flurr

WATCH DOGS 2 IS NOW FREE FOR ALL PC USERS

WATCH DOGS 2 IS NOW FREE!!! Ubisoft announced that anybody who watched this morning's Ubisoft Forward event would be able to claim Watch Dogs 2 for free. There were issues with redeeming during the livestream, because so many people were trying to log in at once, so they've now made it available to all users. You just need to head to THIS website, log in with your uPlay account, and Watch Dogs 2 should appear in your account soon after.

Popular Home Routers Affected With Multiple Critical Security Flaws

According to a new report, 127 home routers from seven large vendors are affected by multiple critical security flaws. The researchers examined several aspects of each device, including firmware updates, operating systems, known critical vulnerabilities, and cryptographic functions. The study found no single router without known critical vulnerabilities. The research was conducted by Germany's Fraunhofer Institute for Communication, Information Processing and Ergonomics (FKIE) and looked at 127 router models from ASUS, AVM, D-Link, Linksys, Netgear, TP-Link, and Zyxel.
Home Routers Affected
More than 90% of the routers run Linux, and one-third of them run an old Linux kernel, version 2.6.36, last updated in 2011. The routers were found to be affected by 53 critical-rated vulnerabilities; the worst case regarding high-severity CVEs is the Linksys WRT54GL, which runs the oldest kernel. "AVM does a better job than the other vendors regarding most a

Cerberus Malware Emerged On Play Store Impersonating Cryptocurrency Converter App

Once again, Cerberus malware has emerged as a threat to users after appearing on the Google Play Store. The malware posed as a cryptocurrency converter app to trick users and reached thousands of downloads.
Cerberus Posing As Cryptocurrency App
Researchers from Avast found Cerberus malware on the Google Play Store, hidden behind a cryptocurrency converter app. As explained in their post, the app seemingly targets Spanish users: it bears the name "Calculadora de Moneda", which translates as "Currency Calculator" in English. Given the niche chosen, the malware apparently aimed to steal users' banking data, which users would need to enter while converting their cryptocurrency to fiat money. The researchers observed that the app remained harmless for its first few weeks, seemingly to gather users (or victims); this also allowed the app to escape security checks by Google Play Protect. However, the app did bear malicious dropper code w

Google Has Removed These Apps With Malware, Uninstall Them Now!

The Google Play Store was hit with malware-ridden apps: the company recently removed 11 applications from its platform that were infected with the Joker malware. Joker was first reported last year and was observed spreading rapidly. As per the latest report by Check Point's research, a new variant of the malware has been discovered on the Play Store. The updated Joker malware can download additional threats to the device and subscribes users to premium services of apps without their consent. You can also read more about the threat in the detailed report here.
Snapshot: list of apps removed:
com.imagecompress.android
com.relax.relaxation.androidsms
com.cheery.message.sendsms (two different instances)
com.peason.lovinglovemessage
com.contact.withme.texts
com.hmvoice.friendsms
com.file.recovefiles
com.LPlocker.lockapps
com.remindme.alram
com.train

Joker Malware Bypasses Google Play Security to Attack Users

New Variant of Infamous Android Joker Malware Bypasses Google Play Security to Attack Users
The Joker malware was first detected in early June 2019. It employs several tactics to bypass Google Play protection and to perform malicious activities. The malware hides inside different apps, and once users download them to their phones they are infected with Joker. It aims to steal money from the user by signing up for paid subscriptions, and it interacts with the user's SMS messages, contact lists, and other data on the device. Earlier, Joker was observed hidden in 24 different apps; all of them were reported to Google and removed from the store.
New Joker variant
Check Point researchers discovered a new variant of the Joker dropper and premium dialer spyware in Google Play, hidden in 11 apps that were removed from Google Play on April 30, 2020. The updated version of Joker hides behind what look like legitimate apps and downloads additional malware onto the device.
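The two Joker posts above tell readers to uninstall the removed apps, but checking a device by hand is error-prone. The script below is an added example, not code from the original posts or from Check Point: it compares the package names listed on this page (the truncated final entry is left out) against the output of `adb shell pm list packages`. The sample output embedded in the block is constructed; pass `--device` to query a real handset over adb instead.

```python
"""Flag installed Android packages that match the Joker package names listed
on this page. Added example; the SAMPLE output below is constructed, not
captured from a real device."""
import re
import subprocess
import sys

# Package names from the Check Point list as reproduced on this page.
# The list's last entry is truncated on the page and is deliberately omitted.
JOKER_PACKAGES = frozenset({
    "com.imagecompress.android",
    "com.relax.relaxation.androidsms",
    "com.cheery.message.sendsms",
    "com.peason.lovinglovemessage",
    "com.contact.withme.texts",
    "com.hmvoice.friendsms",
    "com.file.recovefiles",
    "com.LPlocker.lockapps",
    "com.remindme.alram",
})

# `pm list packages` prints one "package:<name>" per line.
_PKG_LINE = re.compile(r"^package:(\S+)$")


def parse_pm_list(output):
    """Return the package names found in `pm list packages` output, in order."""
    names = []
    for line in output.splitlines():
        match = _PKG_LINE.match(line.strip())
        if match:
            names.append(match.group(1))
    return names


def find_joker(installed):
    """Return the sorted subset of `installed` that appears in JOKER_PACKAGES.
    Android package names are case-sensitive, so no case folding is done."""
    return sorted(name for name in installed if name in JOKER_PACKAGES)


def read_device_packages():
    """Query the connected device; requires adb on PATH and USB debugging."""
    result = subprocess.run(
        ["adb", "shell", "pm", "list", "packages"],
        check=True, capture_output=True, text=True,
    )
    return result.stdout


# Constructed sample standing in for a device with two of the listed apps.
SAMPLE = """package:com.android.chrome
package:com.hmvoice.friendsms
package:com.google.android.gms
package:com.remindme.alram
"""

if __name__ == "__main__":
    text = read_device_packages() if "--device" in sys.argv else SAMPLE
    hits = find_joker(parse_pm_list(text))
    for name in hits:
        print(f"FOUND {name}: remove with 'adb uninstall {name}'")
    sys.exit(1 if hits else 0)
```

A match on package name is only a first pass: Joker authors republish the same code under new package names, so an empty result does not prove a device is clean, and a hit should be followed by checking the device's SMS and subscription history.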

Zoom ZERO-day Vulnerability

Zoom 0day Vulnerability Lets a Remote Attacker Execute Arbitrary Code on a Victim's Computer
A new remote code execution "0day" flaw in the Zoom Client for Windows allows remote attackers to execute arbitrary code on a Windows computer where a vulnerable version of the Zoom client is installed. The vulnerability was found by a researcher who wants to keep their identity private; it can be exploited by getting the victim to open a malicious document file. Zoom is a popular video conferencing application used by individuals across the globe to work from home and to stay in touch with friends and family.
Zoom 0day Vulnerability
The vulnerability is exploitable only on Windows 7 and older versions of Windows; clients running on Windows 8 or Windows 10 are not affected. ACROS Security has reported the issue to Zoom and released a micropatch through its 0patch service to prevent exploitation until Zoom releases an official fix. Now micro

Gaming college in India is revolutionizing gaming education

This gaming college in India is revolutionizing gaming education
Backstage Pass is not only a college but a systematic guide to knowledge of game development and the games industry. The gaming industry began in the late 20th century but did not gain prominent traction until the early 2000s. Now surpassing the movie and music industries, gaming is the fastest-growing entertainment industry in the world. In India, real growth began about a decade ago. Backstage Pass Institute of Gaming and Technology has evolved alongside the industry since its inception in 2010. The number of gaming companies in India rose from a mere 25 to 300, and the number of students at Backstage Pass rose from 10 to almost 400 in the past 10 years. Backstage Pass was founded by Surya Prakash, who has 18 years' experience in the field, with the vision of providing international standards of gaming education to game enthusiasts of all socio-economic backgrounds. They follow a mentorship app