NextCry undetectable, scam sites explode, Ad non blocker, and more.


Hi, I’m Paul Torgersen. It’s Monday, November
18th, 2019, and this is a look at the information security news from overnight. From BleepingComputer.com:
A new ransomware called NextCry has been found in the wild and is currently undetected by
antivirus engines on public scanning platforms. It targets clients of the NextCloud file sync
and share service and as of now has no free decryption tool available. From ThreatPost.com:
As the holiday season looms, cybercrooks are going after shoppers with more than 100,000
lookalike domains mimicking legitimate retailers. That is more than double the amount from last
year. And, shockingly, more than 400 percent greater than the number of authentic retail
domains. Spend wisely my friends. From ZDNet.com:
A new malware variant with a low detection rate delivers both the RevengeRAT and WSHRAT
on vulnerable Windows systems. The infection process begins with JavaScript code and URL-encoded
information contained in a text editor. More details in the article. From ThreatPost.com
Hackers are putting a new spin on an old injection technique and successfully end-running endpoint
protection. They are exploiting weaknesses in web browsers to hide in the background
of infected systems and steal user passwords and personal information. Malware in play
includes Agent Tesla and Loki-bot. And last today from ZDNet.com:
Researchers have discovered a new Android malware called FakeAdsBlock (you may see where
this is going) being distributed as an ad blocker for Android, but, ironically, once
installed, pesters victims with ads every couple of minutes. And it asks for some interesting
permissions along the way. You can see all the shady details in the article. That’s all for me today. Have a great rest
of your day and until tomorrow, be safe out there.

Leave a Reply

Your email address will not be published. Required fields are marked *