News

Microsoft is warning of malware, Dexphot, that has infected more than 80,000 machines, sucking up their CPU power in order to mine cryptocurrency. Researchers first discovered Dexphot in October 2018 and saw its activity peak during July. They said that the malware has a complex attack chain and also uses various methods to outwit detection efforts, including an obfuscated script designed to check for antivirus products, and regularly-scheduled malware updates. Source: Threatpost

Twitter warned its users that a software development kit (SDK) developed by oneAudience could have allowed that company to obtain account information. Facebook also posted a notice concerning not only the oneAudience SDK, but also for fellow SDK maker Mobiburn. OneAudience confirmed the problem and then shut down the SDK along with its associated websites but said the data was never intended to be collected, never added to its database and never used. Source: SC Magazine

Fifteen months after DiBella’s Old Fashioned Submarines was notified by the FBI and credit card companies of a data breach the sandwich shop chain has issued a notice informing its customers of the incident. The company reported its stores in Connecticut, Indiana, Michigan, Ohio, New York and Pennsylvania may have had the information on as many as 305,000 payment cards compromised. DiBella’s said it was informed by the FBI and its credit card firms on...

In a statement at midday today (local time), Spanish multinational security company Prosegur announced that it was the victim of a cybersecurity incident disrupting its telecommunication platform. The company restricted communications with its customers to avoid malware propagation. Although there is no official confirmation, BleepingComputer has learned that the attack affects all Prosegur locations in Europe. Source: BleepingComputer

It’s funny how hackers, phishers, and scamsters can be blatantly obvious and inexplicably unpredictable at the same time. I’m saying obvious because they target the most widely used services/platforms and lots of users know what they’re up to — not just security professionals, but many ordinary users know about these phishing scams and what to look for. Source: Security Boulevard

The BBC reports that the grotty image was shared early afternoon on 25 November, but was quickly taken down. An official from the Welsh government said the filthy tweet was down to a cyber attack, not the clumsy clicking of some civil servant. And that's all we really know about the whole situation, with details being rather woolly and statements from the government being somewhat sheepish. Source: The Inquirer

A vulnerability in the WhatsApp for Android that was found, disclosed and patched can still affect thousands of additional apps that have not been patched. CVE-2019-11932 allows attackers to use a maliciously coded GIF files to remotely execute code was made public on Oct. 2, 2019 and then patched in WhatsApp version 2.19.244 takes advantage of a library called libpl_droidsonroids_gif.so which is part of the android-gif-drawable package that is used in many other applications, Trend Micro reported....

A new ransomware called DeathRansom began with a rocky start, but has now resolved it's issues and has begun to infect victims and encrypt their data. When DeathRansom was first being distributed, it pretended to encrypt files, but researchers and users found that they could just remove the appended .wctc extension and the files would become usable again. Starting around November 20th, though, something changed. Source: Bleeping Computer

While most users are familiar with phishing scams that attempt to steal a user's login credentials, phishers also use emails to lure consumers to fake retail sites in order to steal their money or sell cheap knockoffs. Phishers Create Fake Sites as Bait for Holiday Shopping Deals Source: Bleeping Computer

Remember the Y2K bug that threatened computer programs to go crazy on January 1, 2000? A similar timestamp recognition problem is affecting Splunk platform instances neglected by their administrators before 2020. Source: Bleeping Computer