Lost24

The portal Zaufana Trzecia Strona warns its readers about a new phishing campaign that sends fake package delivery notification e-mails. A moment of inattention can lead to access to the device being blocked.

According to security experts, the scammers send fake e-mails with subject lines containing text such as:

- “Courier's visit date notification”
- “Package delivery notification”
- “Delivery failure notification”


The emails claim to be from one of the major delivery companies (FedEx, Geis, DPD or UPS) and contain fraudulent information about an attempted package delivery. The emails then instruct the person to click on a link for more information regarding how and when

Lost24

Those of you who have installed the Al.type application (a very popular keyboard app for Android and iOS devices) may be in considerable trouble. The potential problems stem from security errors that led to a data leak affecting approximately 78% of the app's users – that is, about 31 million users!

According to information provided by ZDNet, the compromised database (containing over 577 Gb of data) was stored on an unsecured server. Not even the most basic password protection measures were applied!

Are you curious about what sort of data were leaked? Well, there are a lot of them:
- users' personal data,
- phone numbers,
- e-mail addresses,
- IP, IMEI and IMSI numbers,
- ISP names,

Thursday 7 December 2017, Safety Guide

Malicious apps in the Google Play store

Lost24

Cyber security specialists from the ESET company have detected eight dangerous applications available in the Google Play store. These include: MEX Tools, Clear Android, Cleaner for Android, World News, WORLD NEWS, World News PRO.

These applications do not arouse any suspicion among Google Play store users. In reality, however, the apps are cleverly designed multi-stage downloaders.

After being downloaded and installed, the apps do not request any suspicious permissions and even mimic the activity the user expects them to exhibit.

However, during the initial installation process, additional Trojan-like software is also installed without the user’s knowledge. The newly acquired malware can secretly connect with the cyberattac

Monday 4 December 2017, Safety Guide

A large Uber customer data breach

Lost24

The cab-hailing app Uber has recently revealed that in October 2016 an unknown group of hackers gained access to the accounts of Uber clients.

The whole matter was kept secret by Uber CEO Dara Khosrowshahi, who had paid 100,000 USD in ransom to the cybercriminals. In his statement, Khosrowshahi said the company had “obtained assurances that the downloaded data had been destroyed” and improved its security, but that the company’s “failure to notify affected individuals or regulators”.

Uber has admitted that the hackers stole personal information from over 57 million Uber users around the world, including names and driver's license numbers of around 600,000 drivers in the U.S., rider names, email addresses a

Lost24

The online store Morele.net warns its customers about fake messages. Cybercriminals used so-called spoofing, where the domain appearing in the sender's address is identical to the store's domain – noname@morele.net.

Customers of the store have received e-mail messages (titled "Invoice for Order No. 4389844") containing a malicious attachment.

Morele.net assures that the messages were not sent from the store's servers, and that the police have already been informed about the situation. The store is to take all legal steps to identify the cybercriminals and to prevent similar actions in the future. Morele.net emphasizes that the problem may concern in particular company servers that do not include the protoc

Lost24

Cybercriminals have once again decided to attack users of the popular social networking site Facebook. The attack is intended to take over the user's account along with the website maintained on the portal.

The phishing attack involves sending a message that resembles one from a Facebook administrator. The message also bears the official logo of the portal. After opening the message, the user is redirected to a post, where he or she learns that his or her site will be removed from the social network as a result of violations reported by another Facebook user.

As always, the user can evade the accusation by clicking on the link to the page where he or she must enter the login information for the portal. By doing so

Lost24

The Niebezpiecznik portal warns of fake e-mail messages sent by cybercriminals, in which they impersonate the DotPay company.

The messages contain an attachment. Opening it has serious consequences – infection of the device and the loss of 350 PLN.
You can read the e-mail content here.

Opening the attachment will initiate the download of a malicious file named binstxt.exe. The file acts as classic ransomware and is capable of encrypting all the data stored on the disk. Once the encryption process is over, the victims receive a message inform

Lost24

A new dangerous piece of malware targeting Android devices is on the loose. So far the virus, known as LokiBot, has collected over 1.5 million USD from its victims.

The new threat was discovered by security experts from Kaspersky Lab. LokiBot behaves as a typical banking trojan, generating and distributing fake "bank" notifications. It can also steal the victim’s contacts. It has a specific command to spam all contacts with SMS messages as a means to spread the infection. Furthermore, the malware has a unique option, which allows it to lock the infected device and prevent the user from accessing it.

Another very interesting feature of LokiBot is its ransomware capabilities. If threatened, the malware can act as a classic ransomwa

Thursday 16 November 2017, Safety Guide

A fake update of WhatsApp!

Lost24

A fake version of WhatsApp, named Update WhatsApp Messenger, was recently found on the Google Play Store.
The fake app was clearly designed to mimic the popular messaging app and to trick users into downloading it, thinking that they were downloading an actual WhatsApp update.

The fake application differs from the original by adding a Unicode character to the end of its developer name. The added character looks like a space but has a different value, which makes the difference hard to detect.

According to The Hacker News portal, the fake app contained unwanted ads, and is also known to stealthily download an additional file to Android phones called Whatsapp.apk. The purpose of this file is yet unknown, but it is safe to

Lost24

Beware of fake SMS messages strikingly similar to those sent by mobile operators.
The whole matter was revealed by the Niebezpiecznik.pl portal, one of whose readers has recently received such an SMS.

The fake message reads: "I'm back! The number given as the sender of the SMS had finished talking. You can call back. The message is free, sent by the Operator".

People who receive such an SMS may reflexively dial the number; however, the cost of such a call can be quite high.

To avoid any problems, phone users should pay attention to the beginning of the number. If the number starts with +53, then it is almost certain that the message is fake. Any attempt to call back to the given number ca

Lost24

The security firm ESET noted that the Eltima Software company had unknowingly distributed an application infected with an OSX trojan.

Eltima was the victim of a cyber attack. Those who installed the Elmedia Player software also downloaded the malicious Proton trojan, which was in the application's installation files. The trojan can take control of the victim's device and steal information from browsers, such as passwords and logins, or the contents of a Bitcoin wallet.

Following the response from ESET experts, the malicious software was removed from the application and from Eltima's servers. Owners of macOS devices were at risk.

If anyone has downloaded and installed Elmedia Player or Folx by October 19th, he or she ought to scan the system with u

Wednesday 1 November 2017, Safety Guide

Bad Rabbit – a new dangerous ransomware

Lost24

Bad Rabbit – a new variant of the famous Petya ransomware – has recently been spreading across servers and computer systems in Russia, Ukraine, Germany and Japan. The attack began on October 24; however, new victims are still being identified.

According to security experts from the ESET company, the most Bad Rabbit infections were detected in Russia (over 65% of identified cases), Ukraine (12%), Germany (2.4%) and Japan (3.8%). ESET emphasizes that all attacks on individuals (over 200 cases) were carried out simultaneously.

Security experts also report that the ransomware used in the attacks (denoted as Win32/Diskcoder.D) was distributed through a fake Adobe Flash update, offered up from compromised websites.

Afte

Lost24

Security experts from the ESET company have warned of another dangerous data-encrypting virus, known as DoubleLocker.

According to the researchers, the virus is distributed mostly as a fake Adobe Flash Player through compromised websites and is especially dangerous for Android smartphone users.

After installation, DoubleLocker changes the device’s PIN, preventing victims from accessing their devices, and also encrypts the data using the AES algorithm. Shortly afterwards, the victim is informed that in order to recover the data, he or she must pay a ransom (of approximately 300 PLN) via the Bitcoin payment system. However, ESET experts advise against paying any money, as there is no guarantee of obtaining a decryption key.

Lost24

The telecommunications operator T-Mobile has notified the police after detecting atypical activity in its security system by employees of one of T-Mobile's business partners.

The suspects are employees of a call center and marketing company who had authorized access to T-Mobile customers' personal data.

The stolen information was transferred to the competition. As the police determined, the disloyal employees received regular payment for stealing T-Mobile customers' data. The police secured access to the servers on which the stolen data was stored.


Lost24

Security experts from SensePost warn about a newly discovered form of cyberattack that takes advantage of a Microsoft Office feature called Microsoft Dynamic Data Exchange (DDE). Surprisingly, this type of attack has existed since the early 1990s, when DDE was introduced.

DDE was designed to allow Office applications to load data from each other. Unfortunately, it can also be used by hackers to create malicious Word files with DDE fields that, instead of opening another Office app, open a command prompt and run malicious code.

This is just another case where malware authors have found a creative way of abusing a legitimate feature, like with OLE and macros.

Before the Microsoft Office developer re