Cybercriminals have exploited the release of another Windows update to launch an attack.
According to the experts from Trustwave, Internet users receive emails in which they are informed about the need to install an important system update.

Email content: “Please install the latest critical update Microsoft attached to this email”

Attached to the message is a fabricated file with *.JPG extension, which is actually a script that launches the download of the Cyborg ransomware.
Ransomware encrypts data on the disk, thus forcing a ransom. The data decryption value is estimated at $500. 

Cybercriminals have once again used Lidl and Auchan brands. Multiple users are receiving SMS phishing, where potential victims are informed about a lottery in which they can win iPhone 11.

According to CERT Orange Poland, if the victim decides to participate in the lottery, after four questions, 9 boxes appear, in which the prize should be hidden. When victims see the icon of iPhone 11 in one of the boxes, they are informed that they were selected for pre-release testing of the smartphone. There is only one step necessary to receive the phone - a bank transfer of 1-2 euros to cover ‘shipping cost’.

As experts from CERT warn, participation in the lottery can cost us all the savings from the bank account

Telephone fraud scam where fraudsters make money on inter-operator charges, is becoming more and more popular.

The scammers have gone so far as to pick their phone number, so that it looks like the call is originating from Polish area code, while in fact it is an international prefix. This is, of course, related to the appropriate charge for the connection. A person who will try to call back on such a phone number may be unpleasantly surprised once monthly bill arrives with charges of up tens of PLN.

Recently, the Office of Electronic Communications has warned against fraudster from Africa, such connections, with multiple connections in the Śląskie Voivodeship.

Area

Santander Bank issued a mesage in which it warns of fraudsters impersonating various banks. Cybercriminals send SMS messages of various types.

The text message contains a link that directs users to the fake quick payment page. The content of the message may relate to:
-    Courier surcharge,
-    Bailiff payment, in which the victim is informed of a debt of several PLN,
-    Settling of fees on the auction site so that the listing does not disappear,
-    Information about blocked access to online banking.

The bank warns that one click on the provided link gives th

Cybercriminals try to fool Polish Post’s customers. They send text messages, in which they inform about changes in service fees, due to which an additional payment is required.

The surcharges are as small as PLN 1, so many people may try to make the payment in order to have their debt cleared.

The content of the SMS is as follows:
“In connection with the change in the service fees on 04.11.19, we inform that your parcel requires a surcharge of PLN 1.00 to continue the delivery. https://pp-sa.net/doplata”

The text message is signed as “Polish Post”, it is also listed under real messages from the company, if the victim received any in the past.

Starting in May 2019, the xHelper Trojan has been attacking Android users. Since then, its activity has increased significantly, and now it is listed as one of the 10 most frequently detected mobile threats. The Trojan is very difficult to remove.

Symantec reports that 45,000 devices are infected with the virus, and on average 131 mobile devices are infected per day. The source of the infection was narrowed down to websites with applications from outside of the Google Play Store.
MalwareBytes experts say the Trojan is distributed through fake gaming sites. In contrast, Symantec claims that xHelper is downloaded by a malicious system app.

Currently, antivirus software cannot cope with the above thr

There has been a large data leak from the database of subscribers of Spotify streaming service. Spotify platform is used by over 200 million users, of which 100 million are subscribed to the paid version.

The leak concerns 25,000 emails and passwords, there are at least 326 Polish accounts in the publicly available data package.
Anyone with access to the above data could in to the listed users accounts. Therefore, the CERT Polska team has decided to directly notify all persons from Poland whose data was listed in the leak. Each user received a leak notification, with a recommendation to change their password.

At present, it is not known who is responsible for the data leak and how the data of Spot

Tor browser provides anonymity on the web, allows you to visit websites using the Tor network, where it is possible to hide real user data.

According to the experts from ESET, the malicious version of Tor is distributed via a link placed on Internet forums, more precisely two, that impersonate the original installer page. The software installation package is undetectable by antivirus programs, and is modified in a way that disables automatic update functionality.

Cybercriminals modified the HTTPS Everywhere extension so that it contains a JavaScript that loads on every visited website.

According to experts from ESET the script modifies QIWI online money trans

InPost warns its email recipients about cybercriminals trying to impersonate the company using text messages. Cybercriminals send messages with a download link a mobile app for tracking information.

According to InPost, the link included in the message is dangerous and leads to infected domain inpost24[.]tk. 

If the victim clicks on the link it will to installation of Cerberus malware on Android devices. Thanks to this, cybercriminals will be able to steal data and funds from the bank account.

InPost states that it never sends links to pages outside of the inpost.pl domain in a text message. At the same time, it asks that in the even a similar incident

Biometric seems to be a sure way of ensuring the safety of a smartphone by preventing unauthorized persons from accessing our data. However, in the case of Samsung Galaxy S10 biometrics is fiction.

According to BBC, everyone is able to unlock the phone, there is only one required condition, smartphone must have a screen protector or a piece of transparent plastic applied on the screen.

The vulnerability was discovered by a British woman that noticed she could unlock her husband’s phone after covering it with foil. The incident was reported to Samsung, which replied that they would take a look at the matter, and at the moment recommends using authorized accessories designed for use with Samsung products.&

Google Chrome and Firefox have become a target of the attack by Russian hackers. Hackers have created a code that allows them to track and eavesdrop on the encrypted traffic.

Hackers are able to take control of the browser by spoofing security certificates. The code authenticates the activities of the protocol ensuring confidentiality during data transfer, the so-called TLS - Transport Layer Security. The TLS protocol ensures confidentiality and integrity of data transmission, and also provides server authentication.

According to Kaspersky, the hackers come from the well-known Turla group and have targeted Internet users from Russia and Belarus. However, cyberminals’ motives are yet to be known. It is sp

Rossmann store has issued a message in connection with fraudulent “you have won a competition” messages. The shop’s customers received fake text messages informing them about the win in the contest, directing the victim to a website where credit card number needs to be provided.

If one of the clients provides his details, a paid subscription is immediately charged on the card, with withdraws up to PLN 300 per month from the account!

According to Rossmann, the content of the text message varies:

-       “We were trying to contact you about your winnings. Get it here: http: // …..”

-      

The dangerous Emotet Trojan, which after a few months of inactivity made itself felt by attacking Internet users with fake emails, has this time targeted mBank customers.

mBank warns of dangerous phishing campaign. Cybercriminals send virus by email in the form of a Word file attachment or a link to a page containing the malicious file.

As the bank explains, the goal of cybercriminals is to intercept login credentials for banking systems in order to extort money. What’s more, the Emotet virus steals passwords saved in browsers and intercepts messages and contact details from mailboxes, so it can pretend to be the victim.

You should pay close attention to the sender�

A Danish manufacturer of hearing aids and bone implants and hearing aid devices, with a branch in Szczecin, was attacked by cyber criminals, which resulted in a complete paralysis of the production line.

On the third of September, one of the company’s employees informed wszczecinie.pl portal that the employees had been released earlier, with a big question mark about the next working day. It had been speculated that the hacker attack on DGS originated from China and that once someone attacks a server in Denmark, all production in Europe is halted. However, at that moment, the director general of DGS Poland, according to the wszczecinie.pl portal, said that the company was struggling with network problems and did not confirm the suspected cyb

Fortinet experts have discovered a vulnerability in WordPress that allows cybercriminals to bypass the JavaScript and HTML filter, thus enabling a cross-attack using malicious script.

According to the Chip portal, the vulnerability particularly affects users with an administrative account privileges. The vulnerability affects WordPress versions 5.0 to 5.04, as well as 5.1 and 5.11.

Thanks to the vulnerability, cybercriminals are able to take over control of the account and the server on which the sites operate.
If you are using WordPress versions listed above, download the security patch immediately.