Though the back end processes are not visible to the end user but they form the backbone of a website. The most challenging task for every full stack developer is to secure the backbone of their website as much as they can. Many webmasters fail to do that, keeping loopholes in security infrastructure of their site thus allowing attackers to take advantage of their resources. Most tech giants nowadays deploy layers of security to protect the privacy of their clients and their clients’ data resides in the database systems of their infrastructure. Previously, these databases resides as a single application inside the server, but now in this digital world, the…
-
-
BRAZILIAN TROJANS ARE NOW PLAYING AROUND THE WORLD
During, this worldwide outbreak, the attackers have emerged with lots of phishing attacks, some of which can be easily detectable and some are even not detectable. There are some attackers who create wants to create a backdoor into your system and there are some who are just restricted to stealing your information between your communication to the server. If we see our records of doing attacks, the top names are always Chinese and Russian. The actors from these communities are heavily engaged in launching attacking around the world for more than a decade. Some big tech giants obviously have some amount of system guards present there that makes it a…
-
GAMING WEBSITE CAUGHT DELIVERING TROJANS
Have you ever been to a site which shows an advertisement stating that “This domain is up for sale.”? Answer must be Yes, everyone as visited such websites but by chance! Most probably, when you see such a website, you just exit from that URL and surf to another website. But some have other type of mind setup. We all know that how domain name plays an important role in SEO for your website. Infact, good domain name make the visitors come back to your website or sometime a domain name of yours might inspire someone. So, if you by chance reached a site which states that this domain is up…
-
THE RETURN OF CHINESE FAKESPY
Back in mid-2018, Trend Micro researchers revealed a campaign that was targeting Japanese and Korean Speaking users with a trojan or we can say infostealer named as Fakespy. This campaign impersonates the end user of being a legit banking app but ended up delivering trojan in the target user’s device. Following this campaign, today some researchers from Cybereason unveiled this campaign which has revived with more capabilities of affecting its users. Now this campaign is not only targeting the Korean users, but it is affecting users all around the world, especially users in countries like China, Taiwan, France, Switzerland, Germany, United Kingdom, United States, and others. This campaign targets its users…
-
THANATOSCRYPT IS EXPLOITING BLUEKEEP VULNERABILITY TO MINE CRYPTO FROM YOUR SYSTEMS
Some days before, Ethical Debuggers presented how Chinese hackers are attacking servers to mine cryptocurrency from them. Today, we are presenting a similar campaign ,which is currently going on ,to mine cryptocurrency from your systems . It was found by Tencent Security Intelligence Team. This time the hackers used a simple phenomenon to attack on your systems. They used a Bluekeep vulnerability which was discovered in early May, an year ago. It was a vulnerability in Microsoft’s Desktop Protocol and allows attacker to execute arbitrary code post exploitation. This vulnerability was regarded as one of the high-risk vulnerability and can be tracked via CVE-2019-0708. On 6 September 2019, Metasploit launched…
