Cybercrime attacks Italy with Super Mario to disguise the Ursnif malware
The banking trojan is spreaded through mails with malicious attachments. It builds a PowerShell command from a downloaded image, thanks to steganography.
Collection #1, the cybercrime hacker behind it is dubbed C0rpz
Recorded Future cyber security experts: He sold it to other two actors: Sanix and Clorox. Also a Russian hacker is sharing a db of 100 billion user accounts.
WordPress has a critical vulnerability in plugin Simple Social Buttons
Cyber security expert Luka Šikić of WebARX: The flaw could allow attackers to modify the installation options. There is a patch, the plugin has to be updated ASAP.
Microsoft urges its users to stop using Internet Explorer
Chris Jackson: We’re not supporting new web standards for it. This could cause serious problems to the users’ cyber security. It has already happened recently.
Cybercrime launched a mass credential harvesting process, leveraging an IoT botnet
Also Italy is affected. MalwareMustDie cyber security experts: bad actors steal info from weak sites, then target finance payment portals and online banking sites.
Airlines, new cyber security flaw puts again passengers privacy at risk
Wandera: A vulnerability in the e-ticketing systems could expose PII to malicious hackers. Less than a month ago a major security breach affected more than 140 companies.
Weaponized emails are top APTs infection vector in today malware landscape
Yoroi-Cybaze cyber security experts: cybercrime and state-sponsored hackers use simple social engineering tricks to lure users to enable the malicious Macros.
Industry, the less protected robots identified thanks to Aztarna
Spanish cyber security startup Alias Robotics developed the tool. It detects vulnerable industrial routers and robots powered by ROS, SROS and other technologies.
Russia hit by new wave of Troldesh (aka Shade) ransomware campaign
ESET cyber security experts: It’s a follow-up of the cybercrime attacks of the last October with the same malware. Also Ukraine, France, Germany, and Japan affected.
WordPress, someone is spreading spam on websites using licence keys
Sucuri cyber security experts: We discovered a very well hidden encoded spam injector malware in an unsuspicious file, that was disguised as a theme’s license key.