Gozi and IcedID Trojans Spread via Malvertising

Malvertising using paid ads to spread Gozi and IcedID

Malvertising on Google Search is an unpleasant occurrence where malicious ads appear in search engine results. Such ads are supposed to help users find relevant information, but some cybercriminals use paid advertisements to lure users to harmful websites and deceive them into downloading malicious software. How does malvertising work? Malvertising is an attack…

Fake Ads on Facebook Promote Scam AI Services

Growing interest in AI has prompted attackers to take advantage of it

Facebook has been hit by a wave of fake ads that offer what looks like AI services. In fact, those are scam pages that trick people into installing malware. AI Scam in Facebook Ads The use of social media for cybercrime is nothing new in general. However, to maintain effectiveness, fraudsters sometimes have to adjust…

FIN8 Updated Sardonic Backdoor to Deliver Noberus Ransomware

The FIN8 cybercriminal group is using a new type of malware called Noberus to avoid detection.

FIN8, an infamous group of cybercriminals, has updated its backdoor malware to avoid detection. They made improvements and prepared to release a new type of crimeware called Noberus. This threat actor has returned after a period of inactivity, using a modified version of their Sardonic backdoor to distribute the Noberus ransomware. This is part of their…

Citrix and Adobe Vulnerabilities Under Active Exploitation

Hackers are exploiting products from Adobe and Citrix, the Cybersecurity and Infrastructure Security Agency warned this week.

Citrix was able to patch a zero-day vulnerability, while Adobe warns of attacks using a ColdFusion zero-day and has released an urgent update that nearly fixes the issue. Nonetheless, the story is not over, as these vulnerabilities are still being exploited. Citrix and Adobe Patch 0-day Vulnerabilities Simultaneously, products of two companies were hit with critical vulnerabilities…

Trojanized TeamViewer Installer Spreads njRAT

Hackers exploit third-party software sources to distribute a dangerous remote-access trojan

Threat actors have reportedly started using a fake TeamViewer installer to distribute malware. Their particular favourite for the final payload is the infamous njRAT trojan, an old-timer of the scene. Through a tricky spreading scheme, hackers run a multi-stage attack. njRAT Hides in Trojanized TeamViewer App For some reason, people show high levels of trust towards downloading…

Meduza Stealer: What Is It & How Does It Work?

Meduza Stealer is a new malware sample that has a lot of reasons to become a prolific strain

The malware world evolves constantly, and it would be reckless to ignore newcomers and their potential. Meduza Stealer appears to be a potent stealer variant with unique features and its own marketing model. Additionally, this malware may be considered the first of a new malware generation, one that breaks the old geolocation filtering rules. What…

US Military Emails Leaked Massively Due to the Typo

Millions of US military emails, some containing confidential information, were sent to the wrong addresses

Emails intended for US military addresses ended up at similarly named Mali addresses because of a domain-name typo. All this started as a mistake, but it may turn into a typosquatting opportunity for government-grade spying. Typos In Email Addresses Cause US Military Info Leak Well, the fact is here: the US military has…

Microsoft “nOAuth” is Vulnerable to Simple Email Spoofing

The nOAuth vulnerability in Azure Active Directory allows adversaries to abuse the "Log In with Microsoft" feature.

In June, researchers revealed a vulnerability in Azure Active Directory and third-party apps, called “nOAuth”, that could result in a complete account takeover. This is just one of many vulnerabilities in Microsoft software and systems like Active Directory that can be exploited, putting organizations at risk. Although Microsoft has responded to the vulnerability, developers…

American Airlines Hacked by Cl0P Gang, MOVEit Involved

The Cl0p extortion gang has claimed another large company as a victim

American Airlines, a major US airline, appears to be yet another victim of the MOVEit vulnerability. Specifically, hackers of the Cl0p ransomware gang claim a successful attack on the company. The post on their Darknet leak site does not disclose much, but the company is most likely already in negotiations with the hackers. What is…

Trojan:Win32/Randet.A!plock – What is That Detection?

Windows Defender detects a file as Trojan:Win32/Randet.A!plock? Let's find out why

Windows Defender’s mass detections of Trojan:Win32/Randet.A!plock worry people. Are the user files Defender complains about actually malicious? Trojan:Win32/Randet.A!plock Microsoft Defender Detection Recently, users have been actively discussing on topical forums that Windows Defender is triggering on files which, according to Defender, are Trojan:Win32/Randet.A!plock. According to users, the detected file may be a…