Peter Gramantik, a malware researchers from Sucuri has discovered a new way to distribute malware that relies on reading JavaScript code stored in an obfuscated PNG file’s metadata to trigger iFrame injections. This injection makes it very harder for antivirus detection because the injection method is deeply engrained in the image’s metadata. This iframe can be seen […]
A very dangerous Android bootkit Trojan resides on memory of infected device (discovered by DrWeb) that can re-install itself over and over again automatically even after users remove it from their Android device , has infected more than 350,000 devices in various countries Last week Drweb, warned users about a very dangerous bootkit Trojan called […]
Agencies of China, Romania and the United States have jointly acted with the India Central Bureau of Investigation (CBI) against cyber criminals in these countries who were allegedly hacking into US based websites. According to sources from TOI, Amit Tiwari was arrested on the information shared by the FBI, which were interrogating a global hacker […]
Researchers from Symantec have identified a PC Trojan which can compromise Android smartphone by installing ‘malware ‘when connected via PC. The Windows Variant is known as Trojan.Droidpak, drops a malicious DLL to the windows system and registering DLL as a windows service. Then the DLL downloads a configuration file (from active remote server) that downloads […]
Researchers at Fireye have discovered six variants of Android malware family( Android.HeHe) that disguises itself as a security app, and intercepts the incoming texts and calls of victims. As per Fireeye “The app disguises itself as “android security” , attempting to provide the users what is advertised as an OS Update. It contacts the […]
Security researchers at Ben Gurion University have discovered a serious flaw on Android’s VPN implementation, exposes protected data. As per the researchers, the Android vulnerability allows a malicious app to bypass virtual private network (VPN) configurations( no root permission required) , and ultimately send unencrypted data to an attacker. “The secure data communications can be captured in […]
Its not a good time for Microsoft . SEA defaced Microsoft’s office blog as promised last week and Microsoft at its keens again. It appears that SEA has been trolling Microsoft by compromising much larger than people though. The compromised Microsoft twitter read : “Dear @Microsoft, Changing CMS will not help you if your […]
Can you imagine your home television becoming a zombie ? As scary as it sounds , the reality is in front of us. Most of the current day televisions, refrigerators, surveillance devices and temperature control devices( Internet of Things- IoT) are all part of a home network, which in turn connects to the internet. None […]
Security researcher Daniel E. Wood discovered that Starbucks IoS App stores username, email address and passwords in clear text(CVE-2014-0647) . Starbucks mobile payment apps are used widely by customers for its easiness to buy privileges. However this disclosure comes with a surprise because all the customer data gets stored in plain text and easily available for […]
A trojanised app version of “Minecraft – Pocket Edition” has been in the wild tricking infected users by sending SMS messages to premium rate services. As per F-Secure researchers, the purpose of the fraudster is to generate revenue sending text to various services for which users would have never purchased. Lately in the Google […]