Wednesday, October 23, 2019

Malware alerts, Ransomware and Sextortion emails, Alexa and Google Home eavesdropping

Phishing alert: This fake email about a bank payment delivers trojan malware

An old highly customizable trojan malware is being distributed via email in a new phishing campaign claiming that a payment is being made to your bank account.  This trojan first appeared in 2016.  It is known as the Remcos remote access trojan and has been modified since its first appearance.

Available to crooks for as little as $58, the malware is an information stealer and surveillance tool, using capabilities including keylogging, taking screenshots and stealing clipboard contents to secretly take usernames and passwords from infected victims.

The email is delivered with an attached zip file containing the malicious code.  It attempts to trick you into opening the zip file, which purportedly contains info about the deposit into your bank account.  The zip file contains a gateway to a .TXT extension which will run a PowerShell script installing the malware onto the Windows machine.  It will add itself to auto-start when the machine is powered up.

Read more at this link:

https://www.zdnet.com/article/phishing-alert-this-fake-email-about-a-bank-payment-delivers-trojan-malware/

Major German manufacturer still down a week after getting hit by ransomware
Pilz, a German company making automation tools, was infected with the BitPaymer ransomware on October 13.

https://www.zdnet.com/article/major-german-manufacturer-still-down-a-week-after-getting-hit-by-ransomware/


Ransomware: These are the most common attacks targeting you right now

An analysis of ransomware reporting over the past six months shows that while there's a big focus on big targets, going after individual users is still very popular.

Recent ransomware attacks targeting schools, hospitals, and local governments might suggest that cybercriminals have shifted away from distributing file-encrypting malware to individuals in favor of going after whole networks. But the most common ransomware campaign of the last six months is targeting home users.

Of the ransomware targeting home users, over 56% belongs to one family of malware, which first appeared in 2018.  Known as Stop, aka DJVU, it is almost karma since it is mainly distributed by torrent websites.  These sites typically distribute cracked software and movies where individuals attempt to get the product without paying for it.  The malware is often hidden in these cracked versions.

To read more about this, click the following link:

https://www.zdnet.com/article/ransomware-these-are-the-most-common-attacks-targeting-you-right-now/

Phorpiex botnet made $115,000 in five months just from mass-spamming sextortion emails

Sextortion emails look silly for most of us, but there are many users who take them at face value and pay up.

Recently there has been a rise in emails purporting to have compromising images of their targets, acquired from their webcam by the placement of a trojan or malware when the targeted user visited an adult website.  In all cases, the sender of the email wants to blackmail the target by threatening to send videos or pictures to the target's contact list.  The payoff is to be made in bitcoin to a link within the email.  These are known as "sextortion schemes".

There have been 5 waves of these schemes since April 2019.  In some of the emails, the spammer will even have an old password acquired through one of the many breaches of banks, credit cards, and other valid sites.  BTW, if you have received one with an old password and still employ that password, be sure to change that password on any site you still use.

This uptick in the use of this attack has been attributed to a spam botnet called Phorpiex or "Trik".  The Phorpiex botnet made $115,000 in five months just from mass-spamming sextortion emails.

"According to a report shared with ZDNet last week, some of these mass-mailed sextortion waves peaked at 27 million emails per campaign, with some of the Phorpiex-infected computers sending out up to 30,000 sextortion emails per hour -- when the botnet was maxing out."

This botnet is not new, and researchers now say most targeted victims were part of a breach and could have found they were compromised within the "Have I Been Pwned" database.  How many blogs have I written imploring readers to check to see if they were part of a breach?  https://haveibeenpwned.com/

To read more, use the links below:

https://www.zdnet.com/article/phorpiex-botnet-made-115000-in-five-months-just-from-mass-spamming-sextortion-emails/?ftag=TRE-03-10aaa6b&bhid=27630927001468733386426006914379

Inside the mind of a sextortion scam artist
Do they really have access to your browsing habits and data?

https://www.zdnet.com/article/inside-the-mind-of-a-sextortionist-scam-artist/


Alexa and Google Home devices leveraged to phish and eavesdrop on users, again.

Exclusive: Amazon, Google fail to address security loopholes in Alexa and Home devices more than a year after first reports.

It should be no surprise that Smart Assistants are being utilized by hackers to eavesdrop on unsuspecting owners and trick them into handing over sensitive data.

Technically, the attacks against Amazon and Google Home smart assistants aren't new.  The first attacks against the devices surfaced in April 2018.  Countermeasures and patches were enacted then; however, hackers are finding new avenues to exploit the devices.

The latest was discovered by researchers at SRLabs.  Backend code that both Amazon and Google provide to app developers is being used by hackers for phishing and eavesdropping.

These backends provide access to functions that developers can use to customize the commands to which a smart assistant responds, and the way the assistant replies.

The SRLabs team discovered that by adding the "�. " (U+D801, dot, space) character sequence to various locations inside the backend of a normal Alexa/Google Home app, they could induce long periods of silence during which the assistant remains active.
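For anyone reviewing a voice app before approving it, the character sequence described above can be checked for mechanically. The following is an added example, not code from SRLabs, Amazon or Google; the JSON reply and its field names are constructed for illustration.

```python
import json

# Constructed sample of a voice-app backend reply (field names are
# illustrative assumptions). The speech text carries the U+D801, dot,
# space sequence three times, followed by more speech.
SAMPLE_REPLY = r'''
{"outputSpeech": {"text": "Goodbye.\ud801. \ud801. \ud801. An update is available. Please say your password."},
 "reprompt": {"text": "Are you still there?"},
 "shouldEndSession": false}
'''

def is_lone_surrogate(ch):
    # json.loads joins valid surrogate pairs into one code point, so any
    # character still in U+D800..U+DFFF afterwards is unpaired.
    return 0xD800 <= ord(ch) <= 0xDFFF

def iter_strings(node, path="$"):
    """Yield (json_path, value) for every string value in parsed JSON."""
    if isinstance(node, str):
        yield path, node
    elif isinstance(node, dict):
        for key, value in node.items():
            yield from iter_strings(value, f"{path}.{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from iter_strings(value, f"{path}[{index}]")

def scan_reply(raw_json):
    """Return one finding per string field that contains lone surrogates."""
    findings = []
    for path, text in iter_strings(json.loads(raw_json)):
        hits = [i for i, ch in enumerate(text) if is_lone_surrogate(ch)]
        if not hits:
            continue
        findings.append({
            "path": path,
            "lone_surrogates": len(hits),
            # occurrences of the exact surrogate + ". " sequence
            "padding_sequences": sum(text[i + 1:i + 3] == ". " for i in hits),
            # anything the assistant would say after the silent stretch
            "text_after": text[hits[-1] + 1:].lstrip(". "),
        })
    return findings

if __name__ == "__main__":
    for finding in scan_reply(SAMPLE_REPLY):
        print(finding)
```

A non-empty `text_after` means the reply keeps talking after the silent stretch, which is the part worth reading closely during review.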

To read more, click on the following link:

https://www.zdnet.com/article/alexa-and-google-home-devices-leveraged-to-phish-and-eavesdrop-on-users-again/?ftag=TRE-03-10aaa6b&bhid=27630927001468733386426006914379


New DForce Intel Generation 9 based Workstations

Intel's Generation 8 and 9 based workstations represent huge improvements over prior generations.  Performance gains from the increased number of cores and larger cache are two of the many enhancements you gain from a new workstation based on these CPUs.  SSDs (solid-state drives) have never been so affordable and the read/write performance is dramatically noticeable.


Monday, October 21, 2019

'Unpatchable' Flaw Can Jailbreak (and Hack) Older iPhones

A free tool from security researcher axi0mX exploits the 'bootrom' in iPhone 4s through X, and promises to make older iPhones permanently jailbreakable, regardless of iOS version.




https://www.pcmag.com/news/371032/unpatchable-flaw-can-jailbreak-and-hack-older-iphones
