Lost24

Santander Bank issued a message in which it warns of fraudsters impersonating various banks. Cybercriminals send SMS messages of various types.


The text message contains a link that directs users to the fake quick payment page. The content of the message may relate to:
-    Courier surcharge,
-    Bailiff payment, in which the victim is informed of a debt of several PLN,
-    Settling of fees on the auction site so that the listing does not disappear,
-    Information about blocked access to online banking.


The bank warns that one click on the provided link gives th

Lost24

Cybercriminals try to fool Polish Post’s customers. They send text messages, in which they inform about changes in service fees, due to which an additional payment is required.


The surcharges are as small as PLN 1, so many people may try to make the payment in order to have their debt cleared.


The content of the SMS is as follows:
“In connection with the change in the service fees on 04.11.19, we inform that your parcel requires a surcharge of PLN 1.00 to continue the delivery. https://pp-sa.net/doplata”


The text message is signed as “Polish Post”; it is also listed under real messages from the company, if the victim received any in the past.

Friday 15 November 2019, Safety Guide

xHelper Trojan - attack on Android users

Lost24

Starting in May 2019, the xHelper Trojan has been attacking Android users. Since then, its activity has increased significantly, and now it is listed as one of the 10 most frequently detected mobile threats. The Trojan is very difficult to remove.


Symantec reports that 45,000 devices are infected with the virus, and on average 131 mobile devices are infected per day. The source of the infection was narrowed down to websites with applications from outside of the Google Play Store.
Malwarebytes experts say the Trojan is distributed through fake gaming sites. In contrast, Symantec claims that xHelper is downloaded by a malicious system app.


Currently, antivirus software cannot cope with the above thr

Tuesday 12 November 2019, Safety Guide

Spotify data leak

Lost24

There has been a large data leak from the database of subscribers of the Spotify streaming service. The Spotify platform is used by over 200 million users, of which 100 million are subscribed to the paid version.


The leak concerns 25,000 emails and passwords; there are at least 326 Polish accounts in the publicly available data package.
Anyone with access to the above data could log in to the listed users’ accounts. Therefore, the CERT Polska team has decided to directly notify all persons from Poland whose data was listed in the leak. Each user received a leak notification, with a recommendation to change their password.


At present, it is not known who is responsible for the data leak and how the data of Spot

Monday 4 November 2019, Safety Guide

Trojan in the Tor browser

Lost24

The Tor browser provides anonymity on the web and allows you to visit websites using the Tor network, where it is possible to hide real user data.


According to the experts from ESET, the malicious version of Tor is distributed via a link placed on Internet forums, more precisely two, that impersonate the original installer page. The software installation package is undetectable by antivirus programs, and is modified in a way that disables automatic update functionality.


Cybercriminals modified the HTTPS Everywhere extension so that it contains a JavaScript script that loads on every visited website.


According to experts from ESET the script modifies QIWI online money trans

Friday 1 November 2019, Safety Guide

InPost warns about Cerberus malware

Lost24

InPost warns its email recipients about cybercriminals trying to impersonate the company using text messages. Cybercriminals send messages with a download link to a mobile app for tracking information.


According to InPost, the link included in the message is dangerous and leads to the infected domain inpost24[.]tk.

If the victim clicks on the link, it will lead to the installation of Cerberus malware on Android devices. Thanks to this, cybercriminals will be able to steal data and funds from the bank account.


InPost states that it never sends links to pages outside of the inpost.pl domain in a text message. At the same time, it asks that in the event a similar incident

Lost24

Biometrics seem to be a sure way of ensuring the safety of a smartphone by preventing unauthorized persons from accessing our data. However, in the case of the Samsung Galaxy S10, biometrics is fiction.


According to the BBC, anyone is able to unlock the phone; there is only one required condition: the smartphone must have a screen protector or a piece of transparent plastic applied on the screen.


The vulnerability was discovered by a British woman who noticed she could unlock her husband’s phone after covering it with foil. The incident was reported to Samsung, which replied that they would take a look at the matter, and at the moment recommends using authorized accessories designed for use with Samsung products.

Lost24

Google Chrome and Firefox have become the target of an attack by Russian hackers. The hackers have created code that allows them to track and eavesdrop on the encrypted traffic.


Hackers are able to take control of the browser by spoofing security certificates. The code authenticates the activities of the protocol ensuring confidentiality during data transfer, the so-called TLS - Transport Layer Security. The TLS protocol ensures confidentiality and integrity of data transmission, and also provides server authentication.


According to Kaspersky, the hackers come from the well-known Turla group and have targeted Internet users from Russia and Belarus. However, the cybercriminals’ motives are yet to be known. It is sp

Lost24

The Rossmann store has issued a message in connection with fraudulent “you have won a competition” messages. The shop’s customers received fake text messages informing them about a win in the contest, directing the victim to a website where a credit card number needs to be provided.

If one of the clients provides his details, a paid subscription is immediately charged on the card, which withdraws up to PLN 300 per month from the account!

According to Rossmann, the content of the text message varies:

-       “We were trying to contact you about your winnings. Get it here: http: // …..”

-      

Lost24

The dangerous Emotet Trojan, which after a few months of inactivity made itself felt by attacking Internet users with fake emails, has this time targeted mBank customers.


mBank warns of a dangerous phishing campaign. Cybercriminals send the virus by email in the form of a Word file attachment or a link to a page containing the malicious file.


As the bank explains, the goal of cybercriminals is to intercept login credentials for banking systems in order to extort money. What’s more, the Emotet virus steals passwords saved in browsers and intercepts messages and contact details from mailboxes, so it can pretend to be the victim.


You should pay close attention to the sender

Lost24

A Danish manufacturer of hearing aids, bone implants and hearing aid devices, with a branch in Szczecin, was attacked by cybercriminals, which resulted in a complete paralysis of the production line.


On the third of September, one of the company’s employees informed the wszczecinie.pl portal that the employees had been released earlier, with a big question mark about the next working day. It had been speculated that the hacker attack on DGS originated from China and that once someone attacks a server in Denmark, all production in Europe is halted. However, at that moment, the director general of DGS Poland, according to the wszczecinie.pl portal, said that the company was struggling with network problems and did not confirm the suspected cyb

Monday 7 October 2019, Safety Guide

Vulnerability in WordPress

Lost24

Fortinet experts have discovered a vulnerability in WordPress that allows cybercriminals to bypass the JavaScript and HTML filter, thus enabling a cross-site scripting attack using a malicious script.


According to the Chip portal, the vulnerability particularly affects users with administrative account privileges. The vulnerability affects WordPress versions 5.0 to 5.04, as well as 5.1 and 5.11.


Thanks to the vulnerability, cybercriminals are able to take over control of the account and the server on which the sites operate.
If you are using WordPress versions listed above, download the security patch immediately.



Thursday 3 October 2019, Safety Guide

Return of the Emotet Trojan

Lost24

Emotet is one of the most dangerous Trojans, which after several months of inactivity is on the offensive again. It attacks Internet users through fraudulent emails.


The Emotet Trojan gains access to emails, logins and passwords, thanks to which it has control over victims’ mailboxes, including the ability to affect correspondence. An example would be impersonating a message from Microsoft, as shown by the Komputer Świat portal. The content of the message includes an attachment regarding the change of license. If the victim opens the file, it will run malicious macros.


According to cyber security experts, the Trojan could have created a database containing over 200,000 logins and passwords.
In the case of Trojans whic

Lost24

The dangerous Joker virus was hiding in Google Play applications. Users who granted a quite wide range of permissions to selected applications found out their bank accounts were pretty lean, due to the fact that the application was stealing money.


The Joker virus registered its victims on sites requiring paid subscriptions. The theft of money from the account consisted of intercepting the SMS code, after which the credit card was charged with small amounts, which added up to several dozen PLN a month.


According to the Chip portal, citing the CSIS company, the virus was discovered in 24 applications in the Google Play Store, and the number of downloads reached a figure of half a million.

Lost24

Attack on 6,700 servers with the Lilu encryption virus. Cybercriminals are demanding a ransom for unblocking the access to the encrypted websites.


According to the ZDNet portal, hackers break into poorly secured WWW servers that run on the Linux OS. In order to extort a ransom, they encrypt the code of the website, but only files with the HTML, SHTML, JS, CSS, PHP and INI extensions.
The victim is then redirected to websites on the dark web. Unlocking the access is priced at 0.03 bitcoin, which translates to around $325.


According to the experts from ZDNet, there may be even more victims, due to the fact that not all Linux servers were indexed in the Google search engine.