Mass Email Campaign Spreading The Emotet Banking Trojan

Another large-scale spam campaign is under way to spread the Emotet banking trojan. Emotet is mostly used as a dropper for other payloads such as IcedID, Trickbot, Zeus Panda Banker and a few others. These infections can scan for and harvest different types of sensitive information, scan email going back 180 days, open firewall ports, and spread through the network like a worm.

So how does this infection infiltrate a network? It arrives as an email with a Word or PDF document attached. When you open the document, click a link in it and allow it to run, you have compromised the system and potentially the entire network.

Do you have the best AV around? Sometimes that doesn’t help: new variants of this Emotet payload are being created every day and it can … Read the rest


Growing Botnet Uses 5 Year Old Router Flaw

A brand new botnet, a variant of BCMUPnP_Hunter, is taking advantage of this 5-year-old router flaw, and 360 Netlab research shows that hundreds and thousands of bots have already seeded themselves into routers. The bot exploits the same vulnerability that was discovered in 2013 (Broadcom UPnP vulnerability).

Once the targeted router has been taken over, the hacker can make proxy changes to the network, profit from scripted simulated clicks, and use mail servers like Outlook, Hotmail and Yahoo Mail, just to name a few, to send massive amounts of spam from your network.

Affected Router Brands Are:

  • D-Link
  • Linksys
  • Technicolor router
  • Netgear
  • Asus
  • Trendnet
  • Belkin
  • TP-Link
  • ZTE
  • Zyxel
  • NetComm
  • ISP CenturyLink Routers

You may want to look up your router model and see if you are affected. Contact me on LinkedIn, Twitter or through email if you need assistance … Read the rest


A New Intel CPU Exploit which uses Hyper-threading to steal encrypted data

A New Intel CPU Exploit: As if the Intel CPU couldn’t catch a break. A team of researchers discovered a serious side-channel vulnerability in the CPU that could allow an attacker to recover protected data such as OpenSSL keys, crypto keys, passwords and other data from processes that are running, but only if the CPU has the multi-threading feature enabled. They have dubbed the vulnerability PortSmash (CVE-2018-5407). This vulnerability is just as dangerous as Meltdown, Spectre, TLBleed and Foreshadow.

So how do you protect yourself from the PortSmash vulnerability? The only method right now is to disable SMT/Hyper-Threading in the BIOS until Intel releases security patches.

The OpenSSL project is offering users a patch that prevents the exploit against its own software.

Read the rest

Kraken Ransomware Adopts RaaS Model

The author of Kraken Ransomware has adopted the ransomware-as-a-service (RaaS) model. On the dark web you can find more details about joining the affiliate program, which requires a small fee to be considered a trusted partner. The interesting part about this affiliate program is that affiliates get about 70% to 80% of the earnings, and it requires little to no knowledge of deployment or software coding on the criminal’s part. The developer gets enough of a kickback to continue updating the software code. This means they can afford a bigger dev team, and instead of updates and revisions of Kraken taking a week or two, they can be done within a day or a matter of hours. This keeps antivirus providers on their toes day to day. I believe the integration of some sort of AI intelligence must play a role here to combat these zero-day ransomware infections. Regardless no matter … Read the rest


PoC exploit to deploy Malware using YouTube and Microsoft Office.

Clever hackers are always finding a loophole. There is a new PoC exploit using Microsoft Word’s embedded video feature and YouTube video thumbnails. The attackers place an HTML script behind the image of the video. When the user clicks the video, the HTML code is executed by Internet Explorer. Presto, you have been infected with malware or ransomware. Be careful with shady incoming emails with attachments, especially those that end in the .xml extension.

 

Read the rest

Windows Tutorials

How to Resolve Windows Updates Not Installing

Having trouble with Windows updates not installing? Discover effective solutions to fix update installation issues and keep your system up to date.

Windows updates are crucial for maintaining the security and functionality of your computer system. They provide bug fixes, performance improvements, and the latest features from Microsoft. However, at times, you may encounter issues where Windows updates fail to install properly. In this article, we will explore common reasons behind this problem and provide effective solutions to resolve it.

1. Introduction

Windows updates play a vital role in keeping your operating system secure and up to date. They ensure that your computer is equipped with the latest security patches, bug fixes, and improvements from Microsoft. However, it can be frustrating when you encounter issues where Windows updates fail to install.

In this comprehensive guide, we will discuss various troubleshooting steps and methods to resolve the issue of Windows updates … Read the rest

Windows Tutorials

How To Fix Windows 10 File Explorer Crashing

Fix Windows 10 File Explorer crashes: Clear Quick Access history by navigating to File Explorer options, selecting Privacy, and clicking Clear.

There is a Windows 10 feature in File Explorer called “Quick Access”. This feature gives you easy access to files and folders you frequently use, whether locally, on the network or on OneDrive.

Quick Access can make your workflow faster because you don’t have to navigate to files or folders that are buried deep in a directory tree. However, on occasion you may want to delete the Quick Access history to help maintain some privacy, get quicker access, or just resolve the Explorer crashing issue.

Clearing Windows 10 Quick Access History

  1. Click Start or Cortana’s search field and type: file explorer options and hit Enter or click the option at the top of the search results.

2. Now in the Privacy section make … Read the rest


Resolving Failed VSS Writer Issues

Look for messages in your Windows Event logs.

When VSS fails you will always get a corresponding message in your Windows event log.

  1. Right click on ‘My computer’
  2. Select ‘Manage’
  3. Expand the ‘Event Viewer’ node
  4. Look in the ‘Application’ message node for error messages relating to ‘VSS’, ‘Shadow Copy’ or ‘VolSnap’.
  5. If you find any messages, these will give you an ‘Event ID’ and sometimes a ‘Result Code’ or ‘hr’. These two pieces of information can generally pinpoint the cause of your VSS failure. Try Googling the Event ID(s) and Result Code(s) for more information if the steps below do not resolve the issue.

Make sure that the VSS service isn’t disabled

Changing the startup type of the VSS service and rebooting can often resolve issues.

  1. Right click on ‘My Computer’.
  2. Select ‘Manage’.
  3. Select the ‘Services’ tree node.
  4. Right click on ‘Volume Shadow Copy’
  5. Select Properties
  6. Change the
Read the rest
