Hackers have taken control over several computers in one of the US hospitals by realizing a new form of ransomware called SamSam.

The hospital officials have confirmed that the hackers targeted more than 1400 files, and renamed them with the phrase “I’m sorry”. They gave the hospital seven days to pay 55,000 USD of ransom or the files (with the patient records) would be permanently encrypted.

Unlike traditional ransomware, SamSam is not delivered through drive-by-downloads or emails. It is capable of avoiding detection by disabling built-in Windows protection mechanisms, such as System Restore, Safe Mode, System Recovery, and Windows Error Reporting. Moreover, the ransomware is able to encrypt all files locally without connecting to the

A security flaw has been identified in the design of Intel, ARM and AMD's processors which may affect millions of computers across the world. The flaw is believed to involve chips in computers over the last decade.

The threat affects not only computers, but also smartphones and other devices which utilize the chipsets of the mentioned manufacturers. Details of the issue are being kept under wraps amid fears it could be exploited by hackers.

The Google's Project Zero engineers have categorized the flaw into two forms of attack, named Meltdown and Spectre. The first issue allows attackers to read not only kernel memory but also the entire physical memory of the target machines, and therefore all secrets of other programs and the operating system

The internet security experts from Check Point Software Technologies have recently found a new malicious code hidden inside over 60 game apps available for download from the Google Play Store.

According to the researchers the infected apps contained pornographic malware and were targeted squarely at children. The affected apps have so far been downloaded between 3 and 7 million times!

Dubbed as AdultSwine, the malware was designed to display adverts from the web that were often highly inappropriate and pornographic.

Fortunately, Google has immediately removed the infected apps from Google Play Store. In an emailed statement the company states: "We appreciate Check Point's work to help keep users safe." and "We

The cyber security experts from Trend Micro company have found a new type of malware, known as Digmine. This malicious bot is spreading across the world via the Facebook Messenger app, and was designed to infect as many privet computers as possible, to mine cryptocurrency for its developers at the expense of the users.

Victims usually receive a zip file, named “video_xxxx.zip” (where xxxx is a four-digit number) that tries to pass as video file. In reality it is an executable script, which if activated can affect Facebook Messenger (both the desktop and web versions) using the Goggle Chrome browser.

Once in control of Chrome, the Digmine bot uses the browser to download and install additional extension for its clandestine mining operation

A new method has been recently revealed that, potentially,  allows the cyber criminals to take over the control over EVERY modern smart phone, simple by using several of standard sensors present in these type of devices.

The researchers from the Nanyang Technological University in Singapore (NTU Singapore) have proven that seatrain  sensors (present in every modern smart phone) such as: accelerometer, gyroscope and proximity indicators, represent a potential security risk, that can be easily utilized by cyber criminals.

The researchers have succeeded in unlocking several of modern smart phones (acquired with the UP-TO-DATE Android OS system) with a 99.5 percent accuracy, with only THREE tries, simply by using the combination

A new code injection technique, called “Process Doppelgänging”, has been described at the recent Black Hat Europe 2017 security conference in London. According to the security experts from enSilo cyber-security firm, the newly discovered attack pose a serious threat to all Windows OS systems and is capable of bypassing the majority of today's internet security solutions. This is because the it utilizes the Windows mechanism of NTFS Transactions.

Transactionable NTFS integrates transactions into the NTFS file system to allow for improved error handling and data integrity preservation in Windows systems. The researchers claim that “it is possible to create a file inside a transaction, and for no other process this file is visible, as long as our transaction

The security experts from the ZaufanaTrzeciaStrona.pl portal have recently informed about a new free to access database that contains a whopping 1.4 billion usernames and passwords in clear text.

The database contains plain text credentials leaked from the following domains:

- wp.pl

- interia.pl

- o2.pl

- op.pl

- tlen.pl

- vp.pl

- poczta.onet.pl

- onet.pl

- buziaczek.pl

The security experts from ESET company have informed about two new banking trojan applications located in the Google Play store.

The malicious apps made their way into the store disguised as the seemingly harmless apps “Crypto Monitor”, a cryptocurrency price tracking app, and “StorySaver”, a third-party tool for downloading stories from Instagram.

The apps delivered the promised functionalities but also displayed fake notifications and login forms which appear to be from legitimate banking applications but are actually just phishing pages harvesting credentials. The malicious apps also intercept text messages to bypass SMS-based factor authentication.

According to the ESET post: “After the malicious apps are launc

The portal Zaufana Trzecia Strona warns its readers against a new phishing, which consists of sending false package delivery notification e-mail messages. A moment of inattention can lead to blocking access to the device.

According to the security experts, the scammers send fake e-mails with subject lines containing the text like:

- “Courier's visit date notification”
- “Package delivery notification”
- “Delivery failure notification”

The emails claim to be from one of the major delivery companies (FedEx, Geis, DPD or UPS) contain fraudulent information about an attempted package delivery. The emails then instruct the person to click on a link for more information regarding how and when

Those of you who have installed the Al.type applications (a very popular keyboard app for Android and iOS devices) may have considerable trouble. Potential problems are connected with the security errors leading to the data leakage of approximately 78% of the app users – that is, about 31 million users!

According to the information provided by Zdnet, the compromised database (containing over 577 Gb of data) was stored on a unsecured server. Not even the very basic password protection measures were applied!

Are you curious about what sort of data were leaked? Well, there are a lot of them:
- users' personal data,
- phone numbers,
- e-mail adress,
- IP, IMEI and IMSI numbers,
- ISP’s names,

The cab-hailing app Uber has recently revealed that in October 2016 the unknown group of hackers has gained accessed the accounts of Uber clients.

The whole matter was kept secret by a Uber CEO Dara Khosrowshahi, who had paid 100,000 USD of ransom to the cybercriminals. In his statement, Khosrowshahi said the company had “obtained assurances that the downloaded data had been destroyed” and improved its security, but that the company’s “failure to notify affected individuals or regulators”.

The Uber company has admitted that the hackers have stolen the personal information from over 57 million Uber users around the world, including names and driver's license numbers of around 600,000 drivers in the U.S., rider names, email addresses a

The online store Morele.net warns its customers against false messages. Cybercriminals used the so-called spoofing, where domain appearing in the address of the sender is identical to the store's domain – noname@morele.net.

The customers of the store have receive an e-mail messages (titled as "Invoice for Order No. 4389844") containing a malicious attachment.

Morele.net assures that the messages were not sent from the store's servers, and that the police was already informed about the situation. The store is to take all legal steps to identify cybercriminals and to prevent the occurrence of similar actions in the further. Morele.net emphasizes that the problem may concern in particular company servers that do not include the protoc

Cybercriminals have decided to once again attack the users of the popular social networking site - Facebook. The attack is intended to take over the user's account along with the website maintained on the portal.

A phishing attack involves sending a message that resembles that of a Facebook administrator. The message also has the official logo of the portal. After opening the message, The user is redirected to the post, where he or she  learns that his or hers site will be removed from the social networking, as a result of violations reported issued by the another Facebook user.

As always, the user can evade the accusation by clicking on the link to the page where he or she must enter the login information for the portal. By doing so