OwnZap Infosec

Wishing you a Happy New Year..!!

STAY HOME. STAY SAFE.

Google reCAPTCHA Abused in Multiple Phishing Campaigns

Multiple Microsoft-themed phishing campaigns have been discovered that are using phony Google reCAPTCHA. In these, the attackers are looking for credentials of senior employees of various organizations.

The phishing campaigns have been active since December 2020 and largely focused on senior employees working in the banking sector. These phishing attacks are likely a part of a single coordinated campaign.

Exploitable vulnerabilities in four popular smart cameras.
1. Keekoon KK005 Camera
2. Tenvis TH661 Home Camera
3. Reolink C1 Pro Camera
4. Geenker HD IP Camera

Hi Facebook Family,
Freedom in mind,
Faith in Words,
Pride in our Heart,
Memories in our Souls.
Let's Salute the Nation on
REPUBLIC DAY.

Greetings from OwnZap Infosec.

Happy New Year to our LinkedIn family.

Adrozek Malware Hijacking Chrome, Firefox, Edge, Yandex Browsers.
The persistent browser modifier malware has been observed since May this year, with over 30,000 devices affected every day at its peak in August.
"Cybercriminals abusing affiliate programs is not new—browser modifiers are some of the oldest types of threats,". "However, the fact that this campaign utilizes a piece of malware that affects multiple browsers is an indication of how this threat type continues to be increasingly sophisticated. In addition, the malware maintains persistence and exfiltrates website credentials, exposing affected devices to additional risks."

May the name of Waheguru Ji be enshrined in your life. A very Happy Guru Nanak Jayanti to you and your family!

Fake Minecraft Modpacks on Google Play deliver millions of abusive ads and make normal phone use impossible.

Once the modpack malware is installed on the Android device, it only allows itself to be opened once. And once opened, the app is glitchy and useless.

The user closes the application but the app still runs in the background, working overtime to deliver ads.

Cybercriminals are currently exploiting the COVID-19 pandemic problem to initiate extremely advanced cyber-attacks on any potential industry. During the first six months of 2020, different Fortune 500 businesses were the victim of major data breaches that hackers sold account credentials, sensitive data, confidential and financial records from cybercriminal platforms of these organizations.

OwnZap Infosec | Cybersecurity Company in India Since the COVID-19 Pandemic has forced companies to move their business to remote operation, there has been a significant increase in the number of data breaches.

Hackers were observed operating FakeUpdates campaigns using Microsoft Teams updates as a lure to target educational organizations.

For every lock, there is someone out there trying to pick it or break-in.

A live-streaming video website database leaked on the . Stickam featured user-submitted pictures, audio, video, and most prominently, live streaming video chat.
The data is hashed using MD5 and there are around 531k entries on this database.