Ztorg: money for infecting your smartphone
...g.uikal.com and api.ddongfg.com. The Trojan uses accessibility services to install (or even buy) apps from the Google Play Store. It also downloads apps into the .googleplay_download directory on the SD... more…Attack on Zygote: a new twist in the evolution of mobile threats
...information is sent to the cybercriminals’ server whose address the Trojan receives from a list written in the code: bridgeph2.zgxuanhao.com:8088 bridgeph2.zgxuanhao.com:8088 bridgeph3.zgxuanhao.com:8088 bridgeph3.zgxuanhao.com:8088 bridgeph4.zgxuanhao.com:8088 bridgeph2.viewvogue.com:8088 bridgeph3.viewvogue.com:8088 bridgeph3.viewvogue.com:8088 bridgeph4.viewvogue.com:8088 Or, if... more…SPAM Hack Targets WordPress Core Install Directories
...by doing some Google searches: http://www.immunomix.com/ITIpress/wp-includes/finance/paydayloan/payday-loans-instant.htmlhttp://microwaveamps.co.uk/wp-includes/js/thickbox/lib/loans/payday-loans-in-london-uk.htmlhttp://www.scifidimensions.com/wp-includes/finance/cashadvance/cash-advance-loan-lenders.htmlhttp://www.beereading.com/wp-includes/finance/cashadvance/cash-advance-loans.htmlhttp://vastema.com/wp-includes/cheap-hermes-lindy-bags-on-sale.htmlhttp://www.antibabypillerezeptfrei.net/wp-includes/js/crop/advancement/helpers/blrmalaysiabank.htmlhttp://todayscliche.com/wp-includes/palco.html http://www.ethosindia.com/wp-includes/mambo.php?p=55http://www.turnerforte.com/blog/wp-includes/finance/cashadvance/cash-advance-credit.htmlhttp://www.ednapletonblog.com/wp-includes/werty/replica-36596.htmlhttp://www.pettycustomhomes.com/wp-includes/cheap-kids-nba-jerseys-3167596.htmlhttp://www.pondproshop.com/reference/wp-includes/catalog/services/vybe/vybe-band-reviews.htmlhttp://firefly-path.net/wp-includes/pomo/qwe/4/Buy-Balenciaga-High-Quality-Replica-Clutches.phphttp://wolfgangcapellari.com/wp-includes/pomo/rolex-imitation.htmlhttp://byphandyman.com.au/wp-includes/people/replica-bvlgari-fake-watches.htmlhttp://rumbaytimbal.com/wp-includes/reviews/http://www.preservinggoodstock.com/wp-includes/louis-vuitton-bags-5641302.htmlhttp://www.domagojkovacic.com/wp-includes/wholesale-jerseys-from-china-7479567.htmlhttp://maciejkot.pl/wp-includes/detect.htmlhttp://allinseopack.com/wp-includes/js/plupload/oscar-leeser-bio-i12.comhttp://www.marinavendrell.com/wp-includes/store/diet/solpria/solpria-cleanse-reviews.htmlhttp://missouriche.org/wp-includes/louisvuitton19.htmlhttp://vastema.com/wp-includes/replica-hermes-birkin-25-cm.htmlhttp://www.conemund.org/eng/wp-includes/replica.phphttp://cri-technologies.com/wp-includes/pomo/mkheaf.php?psdjvwei=uplink%20dwdhttp://www.giser.net/wp-includes/headt.phphttp://chicksdigme.com/wp-includes-old/vanilla-sky-lyrics-owl-city-i0.comhttp://jewelrypictures.org/wp-includes/js/imgareaselect/ghd-machine-i5.comhttp://www.jobshopsf.com/wp/wp-includes/finance/autoloan/car-loan.htmlhttp://www.ebrice.com/wp-includes/shop/health/tagaway/buy-tag-away-discount-price.htmlhttp://amr-nadim.net/wp-includes/fake-hermes-clic-clac-bracelet–5621.htmlhttp://jesicaglot.com.ar/wp-includes/news/replica-watches_14626.htmlhttp://funaki.ens-serve.net/wp-includes/images/news/black-evening-dresses.htmlhttp://linkarbeid.no/wp-includes/replica-celine-tas.htmlhttp://www.iwillstandupforyou.com/wp-includes/nfljerseys-19244-6847676.htmlhttp://www.viparenda.com.ua/wp-includes/pomo/index/shorewatches.htmhttp://www.lelieuunique.com/site/wp-includes/wp-about.php?p=124-chaussure-christian-louboutin-pas-cher.htmlhttp://redtouch.com.mt/wp-includes/news/oris-aquis-depth-gauge-replica-watch-hands-on.htmlhttp://www.stridesforstars.com/wp-includes/rewrite/list.html http://perfectgroup.se/wp-includes/replica/rolexhttp://www.cowalrugby.co.uk/wp-includes.phphttp://janmccraylaw.com/wp-includes/watches/replica-32802.htmlhttp://bekarty.pl/wp-includes/be/cartier-swiss-replica.htmlhttp://conceitorio.com.br/home/wp-includes/indo/rolex-airking.htmlhttp://www.liftstudios.ca/wp-includes/images/arrows/lib/chanel/wallets/Chanel-Wallet-On-a-Chain-Replica.phphttp://mag.amazing-kids.org/wp-includes/js/crop/lib/vuitton/LV-Bags/Louis-Vuitton-Overnight-Bags-Replica.phphttp://atelier.aencre.org/wp-includes/js/thickbox/lib/louboutin/model/christian-louboutin-crystal-daffodil-pumps-replica.phphttp://feo.nusta.com.ua/wp-includes/images/news/buswatches.htmhttp://cafetaxa.dk/wp-includes/replica-watches-uk/http://www.socialned.nl/wp-includes/php/tag/michael-kors-outlet-washingtonhttp://podcasttennis.free.fr/wordpress/wp-includes/js/tinymce/themes/advanced/ejezuli/inig/http://www.baypointmarina.com/wp-includes/brand/ralph-lauren-sleepwear.htmlhttp://nsldigest.org/wp-includes/css/wp-pointer/Buy-Good-Replica-Louis-Vuitton-Shoes_25510.htmlhttp://supportambitiongroup.com/wp-includes/css/download-free-porn-no-sign-up.phphttp://icmcc.org/wp-includes/js/jcrop/gearshifter.php?dqq=506http://w3f.pl/wp-includes/pomo/silagra-50-price.htmlhttp://www.fedusa.org.za/wp-includes/js/tinymce/wp-mce-help.phphttp://www.styleslicker.com/wp-includes/js/buytadalafil/index.php?page=4http://nclarkplaning.co.uk/blog/wp-includes/Cardiovascular/ventolin-mdi-buy.htmlhttp://www.cadillacpizzapub.com/livemusic/wp-includes/finance/creditscore/annual-credit-score.htmlhttp://www.nagaloka.org/wp-includes/filesd/1137a750e374cebd95e7bfb4c05c60a0http://www.immunomix.com/ITIpress/wp-includes/finance/creditreport/credit-report-and-score.htmlhttp://www.elpaisdealtamira.es/wp-includes/js/crop/lib/vuitton/LV-Replica/Louis-Vuitton-Replica-AAA.phphttp://yogagals.com/wp-includes/bottega-veneta.htmlhttp://www.baypointmarina.com/wp-includes/brand/ralph-lauren-bicester-village.htmlhttp://nrca-railroad.com/wp-includes/js/crop/_notes/vuitton/LV-Outlets/Louis-Vuitton-Outlet-Store-in-Kansas-City-Missouri-MO.phphttp://www.madeleineking.co.uk/wp-includes/the-wine-house-lichfield-i10.comhttp://www.mecalfab.com/mecalfab1/wp-includes/discountstore/kitchen/ninjamegablender/mega-ninja-blender.htmlhttp://oisa.org/trl/wp-includes/onlineshop/naturalproducts/powerprecision/buy-power-precision-lean-muscle-formula.htmlhttp://www.elpaisdealtamira.es/wp-includes/js/crop/lib/vuitton/LV-Replica/Louis-Vuitton-Replica-AAA.phphttp://adamriemer.me/wp-includes/user/index.php?p=netflix-rentals-netflix-dvd-moviehttp://adcaustintech.com/javaegl/wp-includes/user/index.php?p=netflix-shareshttp://todomejora.org/wp-includes/js/crop/lib/loans/payday-loans-without-checking-account-requirements.htmlhttp://www.thekookmovie.com/wp-includes/phphttp://www.moorefinefoods.com/wp-includes/heads7.htmlhttp://www.businsure.com.au/wp-includes/jordanretroretails.com.htmlhttp://www.airjordanpaschererfr.com/http://stoleti.cz/wp-includes/images/index.phphttp://www.chriswind.net/wp-includes/nets1121.htmlhttp://icmcc.org/wp-includes/js/jcrop/gearshifter.php?dqq=196http://www.demalagana.es/wp-includes/jordan11spacejambox.com.htmlhttp://www.iarld.com/wp-includes/sageron.htmlhttp://www.maintenantlagauche.com/wp-includes/class-wp-login.phphttp://www.thesinbin.ca/wp-includes/images/jordansbred-us.com.htmlhttp://www.plantingdandelions.com/wp-includes/x-jordan.htmlhttp://www.martaortells.com/wordpress/wp-includes/images/jordansinfrared.com.htmlhttp://missouriche.org/wp-includes/nikefree11.htmlhttp://www.accqtrak.com/WordPress/wp-includes/Text/Diff/Renderer/Year57.phphttp://urbancampout.com/wp-includes/glass.phphttp://kortshoes.nl/wp-includes/The/fake-replica-watches.htmlhttp://wolfgangcapellari.com/wp-includes/pomo/rolex-imitation.htmlhttp://vastema.com/wp-includes/buy-hermes-lindy-handbags-outlet.htmlhttp://maciejkot.pl/wp-includes/detect.htmlhttp://nrca-railroad.com/wp-includes/js/crop/_notes/vuitton/LV-Buy/Buy-Louis-Vuitton-in-Warsaw-Poland.phphttp://www.elpaisdealtamira.es/wp-includes/js/crop/lib/vuitton/LV-Cheap/Cheap-Louis-Vuitton-Luggage-Knock-Off.phphttp://dibach.com/wp-includes/Text/Lifestyle/dating-lord-elgin-watches.phphttp://www.iwillstandupforyou.com/wp-includes/real-gucci-belt-for-men-cheap-8163353.htmlhttp://www.missouriche.org/wp-includes/index.htmlhttp://www.lonestarlandscaping.biz/wp-includes/store/diet/greencoffee/where-can-i-buy-green-coffee-bean.htmlhttp://www.andersonmontana.com/test/wp-includes/Text/Diff/Renderer/Filter17.phphttp://www.cerbone.com/wp-includes/store/exercise/contourabs/contour-abs-reviews.htmlhttp://www.smkgear.com/_wp/wp-includes/discountstore/home/solaramerica/solar-america-home-power-station.html This is a very small sample. A quick search on Google using inurl:/wp-includes viagra levitra cialis reveals more than 13,000 pages. As... more…FIN7.5: the infamous cybercrime rig “FIN7” continues its activities
...of wscript.exe or sctasks.exe copies, etc. wscript.exe copy sctasks copy Task name C2 byzNne10.exe byzNne17.exe TaskbyzNne logitech-cdn.com c9FGG10.exe c9FGG17.exe Taskc9FGG logitech-cdn.com zEsb10.exe zEsb17.exe TaskzEsb servicebing-cdn.com IOCs extracted from docs which... more…Website Mesh Networks Distributing Malware
...web sites: X.com, Y.com and Z.com. Homer injects malware into X.com that then loads from Y.com. The malware from Y.com is loaded from Z.com and the one from Z.com is... more…What kids get up to online
...vxp games pesindo wapka mobi samsung c3322 games free download mobile9 vxp games 2018 pes 2017 jar 128x160 download pes 2018 for nokia X2 pes 2020 java 320x240 Pesindo Wapka... more…Blog Comments – Analysing 100,000 Comments and Spammers
...analysis as requested. Read more: Blog Comments – Analysing 100,000 Comments and Spammers Incoming search terms teer free no teerccounter4@gmail com shillong teer naber Total Conqust2 game Download For Java... more…‘Twas the night before
...tuday hightteer com Fecbook apps dowunload dednomil game action game Dawnload itel game caram bord game samsung rex gtc3312 game call of duty 3 download for java320x240 Assmtir assam shlong... more…Conditional Malicious iFrame Targeting WordPress Web Sites
...http://daduridel.pdinahar.com/ikistudis16.html http://daduridel.youfuze.com/pipkalusinet16.html http://dolberop.cafebacon.com/bubluridosa16.html http://dolberop.spgrepair.ca/babuidosa16.html http://dundaroil.basgec.org/ilmaoprus16.html http://fluersutel.harrisoncarlos.net/signulita16.html http://fluersutel.limitlessnewworlds.com/pluirdogum16.html http://fluersutel.tecnopes.com.ar/miksopulp16.html http://girometr.cathyerdmann.com/igagoulider16.html http://girometr.deportesenfotos.com/bobnamuldis16.html http://girometr.dgodns.net/bubnsifnal16.html http://girometr.esmacu.org/lakilakus16.html http://girometr.heliconsystems.com/nunialorsul16.html http://girometr.kunjungiindonesia.com/ifirusifalus16.html http://girometr.pakning.net/bubradiupola16.html http://girometr.perkinsbraden.com/poltiudersas16.html http://girometr.pomegranateatthemarket.net/sudretuida16.html http://girometr.welawfl.com/filkasuirado16.html http://igrasulter.fordfixer.net/adorigal16.html http://igrasulter.geekgadget.net/biblosulda16.html http://igrasulter.josianeguss.com/dadulbar16.html http://igrasulter.lostbrundageit.com/plorifilir16.html http://igrasulter.mslcomputers.com.au/filkakurtik16.html http://igrasulter.too-oop.com/legarda16.html http://igrasulter.vesti-ua.net/vavluisa16.html The Clean up Cleanup is... more…Gaza Cybergang Group1, operation SneakyPastes
...had a multitude of functionalities (as listed in the table below) such as to download and execute, compress, encrypt, upload, search directories, etc. The threat actor’s main objective for using... more…The “EyePyramid” attacks
...domains outlined by the police report follow: E-mail Addresses used for exfiltration gpool@hostpenta[.]com hanger@hostpenta[.]com hostpenta@hostpenta[.]com purge626@gmail[.]com tip848@gmail[.]com dude626@gmail[.]com octo424@gmail[.]com tim11235@gmail[.]com plars575@gmail[.]com Command-and-Control Servers eyepyramid[.]com hostpenta[.]com ayexisfitness[.]com enasrl[.]com eurecoove[.]com marashen[.]com millertaylor[.]com... more…New Version of XLoader That Disguises as Android Apps and an iOS Profile Holds New Links to FakeSpy
...In the case of Android devices, accessing the malicious website or pressing any of the buttons will prompt the download of the APK. However, successfully installing this malicious APK requires... more…Darkleech + Bitly.com = Insightful Statistics
...data about the attack scale. Another outcome of this choice was the ease of disruption of this attack. Once we downloaded all the interesting data, we contacted both Bitly.com and... more…Website Malware – Mobile Redirect to BaDoink Porn App
...A few weeks ago we reported that we were seeing a huge increase in the number of web sites compromised with a hidden redirection to pornographic content. It was... more…New(ish) Mirai Spreader Poses New Risks
...to downloading additional configuration files, fetching further instruction, and downloading and running additional executable code. Again, mostly all of these components, techniques, and functionality are several years old and are... more…Data collectors
...youtube.com, kijiji.ca, msn.com, ebay.com, zillow.com, weather.com, macys.com, kohls.com, and facebook.com. In second place in North America is AOL Advertising; this tracker was blocked most frequently by our users on msn.com,... more…Kam dál?
- Better business-government teamwork needed to categorically fight cyberthreats
- AdGuard adblocker resets passwords after credential-stuffing attack
- Dell ImageAssist CVE-2019-3767 Local Information Disclosure Vulnerability
- Cloud security forecast: Murky with an 80% chance of finger pointing
- No need to shoot down drones! Many of them can now be hijacked
- Estonia Arrests Alleged Russian Agent Plotting Cyber-Crime
- SSCC 151 – Measuring vulns, Apple and Wi-Fi privacy, Android ransomware and more [PODCAST]
- Know what Instagram knows – here’s how you download your data
- Microsoft Windows AFD Driver CVE-2011-2005 Local Privilege Escalation Vulnerability
- Usenix LEET 2012: Observations on Emerging Threats