Cybersecurity specialists from India reported the detection of Drinik, a new variant of for devices that masquerades as a fake tax refund notification in order to access victims’ financial information, including their online banking login credentials.

In the attacks reported so far, users receive an SMS message containing a link, which redirects to a phishing website very similar to the official platform of the Income Tax Department. Upon entering this website victims find a form for them to enter their confidential information and download a malicious APK.

This application, disguised as a tool for calculating taxes, will ask the user…

Cybersecurity specialists notified of the detection of two vulnerabilities in the popular Ninja Forms plugin. According to the report, successful exploitation of the flaws could allow malicious hackers to extract sensitive information and send emails from compromised websites.

The report, presented by Wordfence, mentions that the flaw in this plugin with more than one million active installations exists because its main function for creating shapes is based on an insecure implementation of the mechanism that verifies a user’s permissions.

This means that instead of ensuring that a logged-in user had the appropriate permissions to perform certain actions, Ninja Forms only…

Cybersecurity specialists report the detection of a massive campaign in which threat actors pose as employees in order to trick the user into downloading and installing a banking Trojan on their devices.

Apparently, the campaign operators pretend to send the user a backup of their conversations and call history, so it is highly likely that potential victims will fall into the trap.

In one of the detected messages, a subject line can be seen mentioning “WHATSAPP BACKUP *913071605”, although it is most likely that all the messages that are part of this campaign use this tactic with all potential victims…

One of the main variants of attack against Windows systems is the abuse of Active Directory using tools for credential theft such as Mimikatz. According to network security specialists, the use of Mimikatz and other similar tools allows threat actors to extract passwords stored in memory from the Local Security Subsystem Service (LSSAS. EXE), so it is considered a severe security threat.

This time, network security experts from the International Institute of Cyber Security (IICS) will show you the best methods to protect against password theft using Mimikatz, allowing you to consolidate a complete cybersecurity environment.

As usual, we remind…

The U.S. Department of Justice (DOJ) announced that a Pakistani citizen has been sentenced to 12 years in prison after being found guilty of bribing employees of the telecommunications company , causing them to install malware on their computer systems and allowing illegal access to nearly 2 million smartphones, generating huge losses for the company.

Muhamad Fahd, 35, paid more than $1 million in bribes to the company’s employees over the course of nearly a year, acting in complicity with a now-deceased individual to conduct complex fraud operations.

The scammers began working in 2012, contacting some employees at a Washington-based…

Cybersecurity experts report that two legacy IBM System x server models recalled in 2019 are exposed to multiple attack variants due to the presence of a severe vulnerability. While this flaw will not receive security updates, manufacturers have already offered an alternative solution to mitigate the risk of . The vulnerability was tracked as CVE-2021–3723 and the report is attributed to researcher Denver Abrey.

According to the report, the vulnerable models are IBM System x 3550 M3 and IBM System x 3650 M3, which are affected by command injection attacks. Successful exploitation of the flaws would allow threat actors to…

The term web application firewall (WAF) refers to a set of monitoring tools and filters designed to detect and block network attacks against a specific web application. According to pentesting experts at the International Institute of Cyber Security (IICS), these are security tools that, in real time, decide whether to allow or deny access to an online deployment.

Like any other security solution, a WAF is only a complementary solution for a comprehensive security environment, so it must be implemented along with other elements such as incident monitoring tools or anti-fraud systems.

A pentesting process against a WAF allows researchers…

Recent security reports indicate that the results of tests conducted by the pharmaceutical company Walgreens could be exposed to threat actors. According to the report, the would include full names, dates of birth, gender, phone numbers and email addresses of millions of customers.

A spokesman for the pharmaceutical company denied such reports, saying that the protection of its users’ information is Walgreens’ top priority: “We have implemented a reliable security program in order to protect the confidential data of our patients.”

The spokesperson adds that the report revealing the leak is the product of an inaccurate assessment of the company’s…

Since its mass adoption as an instant messaging platform, has been a tool widely used by cybercriminal groups to deploy some scam variants. One of the most recent fraudulent operations on this platform was detected in Mexico, with dozens of users receiving an alleged job offer from the fake company Victoria Marketing Alliance.

Although it is unknown exactly who may be behind the message and their intentions, cybersecurity specialists warn that the message puts both the user’s information at risk and opens the possibility of being severely scammed.

The sender of the message claims to be in a recruitment campaign…

A recent report claims that the iON TCS platform was compromised, resulting in the leak of multiple details about the JEE Mains exam. The Central Bureau of Investigation (CBI) has launched an investigation, hoping to quickly find information about the perpetrators of the .

TCS iON is a system designed to conduct nationwide exams, including NEET and JEE Mains assessments in the safest and best evaluated way possible. This is the most important provider of this kind of services in India.

According to initial reports, the iON platform has been compromised and the IWC has arrested three directors of a…

Eli Cyber Security

Knowledge belongs to the world

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store