Latest Posts

Florida Man Pleads Guilty to Attempted Hacking of Clinton Foundation

Timothy Sedlak, a 43 years old man from Florida pleaded guilty on Thursday for attempted hacking of the Clinton Foundation. Sedlak was arrested in 2015 and according to the prosecutors, he launched about 390,000 unsuccessful attempts on the charitable organization's computer network. The police also discovered files of child pornography on his computer and he was sentenced to 42years of imprisonment, separately, by Orlando court

Describing himself as a private investigator, Timothy stated that he was searching whether charities were used to fund Islamic militant groups.

During the proceeding, the prosecutors did not mention the name of the New York-based charitable organization but Reuters managed to get a copy of the filing on February 3.

More can be read from Reuters Here!

Hard-to-Detect Malware Attacking Enterprise Networks

According to Kaspersky Lab's latest report, an "invisible" malware is spreading among banks, telecommunication companies and government agencies. This sophisticated worm uses legitimate system admin and security tools such as PowerShell, Metasploit and Mimikatz to inject malware into computer memory.

This particular malware was first discovered by the security team of a bank. They found a copy of Meterpreter on the physical memory of Microsoft domain controller. Forensic analysis reported that the Meterpreter code was downloaded and injected by using PowerShell commands. It was discovered that the NETSH utility was used for tunneling traffic from the victim's computer to the attacker's server. To run malicious PowerShell scripts, the attackers grabbed credentials from Service accounts with administrative privileges by using Mimikatz.

By now, over 140 enterprises in 40 countries have been affected by the new malware.

Source:[Securelist Blog]

Fined For Sending Embarrassing SMS

A 24 years old driver has been fined Rs 75000 for sending five embarrassing SMS to a bank staff in 2010. He was found guilty of violating the telecommunication law of Mauritius by sending four SMS and making eight phone calls on May 1, 2010.
The plaintiff registered a statement on May 20, 2010 and stated that she was humiliated and demoralized by these SMS. She also added that she did not know the person who send her the messages and that it was a man who spoke to her on the other end of the line. She even had to change her phone number.
Following the judge order, the police were able to get the identity of the SIM card owner. The plaintiff later added that the defendant went to her work place to apologize and begged her to withdraw her complaint.
In court the defendant pleaded not guilty and maintained that he was not the one who sent these SMS. However, he was not convincing and could not provide explanation as the SIM card was registered on his name.

We advise our readers not to register other people's SIM card on their name.

Source: [Defimedia]

HR Targeted Ransomware Campaign

Security researchers from Check Point came across a new Ransomware campaign targeting Human Resource departments. The attack start by an email pretending to be a job application. The email contains a brief message from the applicant and two attachments, a PDF file and an Excel document.

The PDF file is non malicious cover letter which trick the receiver into believing that the email is legitimate. The second document, is a macro-enable Excel file containing a picture of a flower with the word "Loading..." . A text asking the victim to enable the content can also be seen.

 As soon as the receiver enable the content, the macro in the excel document is executed and the encryption process of the files is started, preventing the user from accessing the files. Once encryption is completed, the victim is presented with a note: “YOUR_FILES_ARE_ENCRYPTED.TXT” . 

The device is then automatically rebooted and a fake “chkdsk” screen is displayed while the disk is been encrypted.

After disk encryption, the victim is presented with the below screen where steps to decrypt their disk has been given.

We advise people from HR departments to remain alert. Make sure a robust anti-Ransomware software is running on your device. Scan all downloaded document before opening.

Source: [CheckPoint Blog]

Google Patches 95 Android Vulnerabilities

Google's first Android Security Bulleting for 2017 addresses 95 vulnerabilities in the operating system, among which, 22 were rated Critical. This update is split into two, the 2017-01-01 security patch, which addresses 23 vulnerabilities and the 2017-01-05 security patch level addresses 72 bugs affecting drivers.

The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files.

A full list of all the addressed vulnerabilities can be find from official source below.

We advise our readers to update their Android devices.

Source: []

Denial-of-Service Malware Targeting Macs

Security Company Malwarebytes has warned about a new malware which is targeting Macs. The Denial of Service malware hijacks Safari and Apple's Mail applications and automatically creates email drafts continuously until the Mac can no longer handle the task and crashes.
A link is been sent via email addresses and The malware is hosted on different sites such as safari-get[.]com, safari-get[.]net, safari-serverhost[.]com and safari-serverhost[.]net.

Mac users running macOS 10.12.2 (or later betas) are not affected, as Safari detects the attempt to open the Mail app and blocks the unwanted event.

We advise our readers not to open emails from these addresses and to immediately delete them.

Source: [9to5mac]


Free counters!

Receive all updates via Facebook. Just Click the Like Button Below...

Powered By MauriHackerS


MauriHackerS - Providing Latest IT Security and Hacking News !