Posts

Showing posts with the label Backdoor Access

Microsoft SQL Servers infected with Secret Backdoor by Hackers, Thousands of servers affected!!

Cybersecurity researchers today uncovered a sustained malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy backdoors and other kinds of malware, including multi-functional remote access tools (RATs) and cryptominers. Named "Vollgar" after the Vollar cryptocurrency it mines and its offensive "vulgar" modus operandi, researchers at Guardicore Labs said the attack employs password brute-force to breach Microsoft SQL servers with weak credentials exposed to the Internet. Researchers claim the attackers managed to successfully infect nearly 2,000-3,000 database servers daily over the past few weeks, with potential victims belonging to healthcare, aviation, IT & telecommunications, and higher education sectors across China, India, the US, South Korea, and Turkey. Thankfully for those concerned, researchers have also released a script to let sysadmins detect if any of their Windows MS-SQL servers have b...

Mass Malware Attack – Ransomware, Screenlockers, RATs, Attack & Gain Backdoor Access

Researchers discovered a mass malware distribution campaign that uses well-known political figures in the U.S., including President Donald Trump and former presidential candidate Hillary Clinton, with a series of ransomware, screen lockers, RATs and other malicious applications. A variety of malicious applications were uncovered with this campaign, which was developed to infect victims with ransomware and implant a backdoor in organization networks with political motivation. Researchers believe that the malware authors are motivated by their political beliefs and turned to malware distribution in different forms. Malware Infection Process: Initially, attackers deliver the malware via malspam email campaigns with fake body content related to banking fraud alerts, and it comes from the director of Global Risk for credit card company Visa. The malspam emails come with a malicious attachment that contains RTF files; once opened, the RTF documents retrieve a malicious PE32 e...