- HummingBad Malware Returns
Looks like the HummingBad malware has made a return with its new, more powerful and annoying version. This new version is dubbed as HummingWhale which has improved add fraud capabilities in its code. So, if the user spots the app and goes to close the app process then HummingWhale will go under and turns into a virtual machine which is way lot harder to detect. This .apk operates as a dropper, used to download and execute additional apps, similar to the tactics employed by previous versions of HummingBad. However, this dropper went much further. It uses an Android plugin called DroidPlugin, originally developed by Qihoo 360, to upload fraudulent apps on a virtual machine.
Cyber Security Tips: Don’t download apps from third party app stores..
- The PirateBay.org Goes Down; Dark Web Domain Is Up And Running
The ThePirateBay.org (TPB) domain is offline worldwide. The reason for this outage is unclear, but the good news is that you can still access the site on the dark web through Tor browser, thanks to ThePirateBay’s .onion link. Currently, visitors can see a CloudFlare warning message on TPB domain revealing that the site is offline but since the site uses CloudFlare’s Always Online technology they can continue to surf a snapshot of the site. The Pirate Bay is now back online at the time of writing and available for users worldwide, however, it is still unclear why the site was down for almost 16 hours.
- US Makes HTTPS Mandatory for All New .Gov Websites
To increase the security of the government websites that are usually targeted by the hackers, United States will default to HTTPS to all the new .gov websites starting this year. During the administration of Obama, the government has set December 31 as the deadline for all government websites to switch to HTTPS, but from some unofficial stats, we came to know that only 60 percent of these websites actually completed the transition. Now the General Services Administration announced that from 2017, all new .gov websites will have HTTPS automatically. GSA says that the HTTPS will be applied to all subdomains of freshly registered executive .gov websites, that include intranet web sites, saying that sticking with HTTP even for the intranet is not at all secure and is “discouraged.”