The first and foremost step in the Man-in-the-Middle (MitM) attack is to intercept internet traffic before it reaches its destination. Once the interception is achieved, the SSL traffic has to be decrypted without the user’s knowledge and without interrupting the application. Man-in-the-Middle (MitM) is an attack where the attacker eavesdrops on the communication between two parties, commonly between a user ...
Read More »Blog
UNNAM3D ransomware asks for Amazon gift cards to unlock archived files
Dubbed as ‘UNNAM3D’, the ransomware archives users’ files found under Desktop, Documents, and Pictures in individual RAR archives. After infecting systems, UNNAM3D then asks victims’ to purchase $50 Amazon gift cards and send it to the malware developer on Discord. A strange gift-card seeking ransomware has surfaced in the online space. It is reported that the ransomware which is known ...
Read More »Toyota reports second breach in five weeks
cknowledged a breach – this one affecting 3.1 million customers at its subsidiaries while the first was in Australia and believed to be the work of Ocean Lotus, or APT32. The company isn’t yet sure if the hackers nicked any data from its systems but said customers of subsidiaries, including , Lexus Koishikawa Sales, Lexus Nerima, Toyota Tokyo Sales Holdings, ...
Read More »‘Long-term security risks’ from Huawei
The Chinese company Huawei has been strongly criticised in a report by the body overseeing the security of its products in UK telecoms. The report, issued by the National Cyber Security Centre, which is part of GCHQ, says it can provide “only limited assurance that the long-term security risks can be managed in the Huawei equipment currently deployed in the ...
Read More »New Bill to Protect U.S. Senate Personal Devices, Accounts from Hackers
U.S. senators and their staff will receive assistance from the Senate Sergeant at Arms (SAA) to protect their accounts and devices from cyber threats if a bipartisan bill introduced by Senators and Senate Intelligence Committee members Ron Wyden (D-Ore) and Tom Cotton (R-Ark) will be signed into law. The Senate Cybersecurity Protection Act, S. 890, would allow the SAA — ...
Read More »Researchers publish the list of 583 MAC addresses impacted by recent ASUS hack
The security firm Skylight released the list of 583 MAC addresses out of the total 619 targeted by the attackers. The researchers disassembled Kaspersky’s diagnostic tool to get the full list of addresses. In a recent attack campaign, attackers distributed a backdoored version of ASUS Live Update utility to target ASUS laptop users. It was Kaspersky Lab’s Global Research and ...
Read More »Police make 61 arrests in global crackdown on dark web
Law enforcement agencies from the US, Canada and Europe, including the UK, have joined forces to target suppliers and buyers of illegal goods on dark web marketplaces and warn buyers of risks nternational law enforcement agencies made 61 arrests and shut down 50 dark web accounts used for illegal activity in a joint operation, Europol has announced. As a result of 65 ...
Read More »UC Browser violates Google Play Store policies and raises security concerns by downloading extra modules
UC Browser and UC Browser Mini Android apps violate Google Play Store policies by downloading and installing extra app modules thereby exposing its users to MitM attacks. This updating feature is present in the UC browser application since 2016. What is the issue – UC Browser and UC Browser Mini Android apps violate Google Play Store policies by downloading and ...
Read More »Over 110,000 Australians affected by cyberattack on Facebook last September
The hackers had gained access to a variety of data that includes the users’ movements, hometown, search history, email addresses and phone numbers. The attack occurred due to three flaws in the website. The massive Facebook cyberattack that occurred last year, has affected more than 110,000 Australians. The attack had affected roughly 29 million individuals worldwide. The big picture – ...
Read More »Decryption tool created for ransomware designed to boost PewDiePie subscriptions
A PewDiePie fan has taken his admiration of the popular video game commentator a little too far, creating a ransomware designed to increase the YouTube star’s subscriber count. Fortunately, anti-malware company Emsisoft last week announced a new a decryption tool that restores machines infected by the unusual malware, named “PewCrypt.” On its website, Emsisoft describes PewCrypt as a Java-based ransomware that AES and RSA ...
Read More »