-
Apr 16, 2023
A new Android malware called ‘Goldoson’ has been distributed via Google Play through 60 legitimate apps with 100 million downloads. The malware is part of a third-party library that developers have unwittingly added to their apps. According to a research… read more »
-
Apr 14, 2023
The Vice Society ransomware gang has developed a new PowerShell script to automate data theft from compromised networks, which is fully automated and uses “living off the land” binaries and scripts to remain undetected. The script uses multiple functions to… read more »
-
Apr 13, 2023
A cybercriminal gang called Read The Manual (RTM) Locker has been described in detail by cybersecurity researchers of Trellix . RTM is a private ransomware-as-a-service (RaaS) provider that conducts opportunistic attacks to generate illicit profits. The group operates through affiliates,… read more »
-
Apr 13, 2023
Legion is a new Python-based tool being sold on Telegram by cybercriminals that targets online email services for phishing and spam attacks. According to a reserch from cybersecurity firm Cado, Legion is a modular malware likely based on the AndroxGhOst… read more »
-
Apr 11, 2023
Microsoft and Citizen Lab reported that an Israeli-based company, QuaDream, had used a zero-click exploit named ENDOFDAYS to compromise the iPhones of high-risk individuals. The attackers targeted a zero-day vulnerability affecting iPhones running iOS 1.4 up to 14.4.2 between January… read more »
-
Apr 10, 2023
According to a recent research by security firm Sucuri, a malware campaign called Balada Injector has infected over one million WordPress websites since 2017 by exploiting known vulnerabilities in themes and plugins. The attackers use various methods, including String.fromCharCode obfuscation,… read more »
-
Apr 9, 2023
In a comprehensive analysis published by SentinelOne Labs, researchers dissect the inner workings of AlienFox, a highly versatile and multi-functional malware highlighting its features and the risks it poses. What is AlienFox? AlienFox is a highly adaptable and multi-purpose cyber… read more »
-
Apr 9, 2023
In a recent article published by Securelist, researchers detailed the supply chain attack targeting the 3CX Phone System: the attackers managed to compromise the 3CX update infrastructure and deployed a malicious backdoor, dubbed GOPURAM, to unsuspecting users. The GOPURAM backdoor… read more »
-
Apr 8, 2023
Security researchers at Cyble recently discovered a new ransomware variant with some concerning capabilities. Called “Cylance”, this ransomware has a number of advanced features that allow attackers to customize attacks. The ransomware has many command-line options that allow attackers to specify things like file… read more »
-
Apr 8, 2023
Bitdefender’s Cybersecurity Assessment Report 2023 reveals that almost a third of surveyed companies do not disclose data breaches. The report, which summarizes the results of a survey conducted between December 2022 and January 2023, also shows that 52% of IT… read more »
-
Apr 7, 2023
Researchers have discovered that cybercriminals are using Telegram to sell phishing kits and set up phishing campaigns. Phishers create Telegram channels to promote their wares and educate their audience about phishing techniques. Links to these channels are distributed via YouTube,… read more »
-
Apr 5, 2023
According to a report by Cisco Talos, the Typhon Reborn information-stealing malware has returned with an updated version that includes improved capabilities to evade detection and analysis. The new version, which is being offered for sale on the criminal underground,… read more »
-
Apr 4, 2023
Check Point researchers have discovered a new strain of ransomware called Rorschach, with unique characteristics that make it one of the fastest ransomware threats today. The malware was deployed using the DLL side-loading technique via a signed component in Cortex… read more »
-
Apr 4, 2023
CrowdStrike researchers have discovered that SFX archives used to share compressed files with those who do not have WinRAR on their computers are being exploited to hide infected files capable of installing backdoors that bypass operating system security measures. Cybercriminals… read more »
-
Apr 1, 2023
Researchers at cybersecurity firm Cyble have conducted a comprehensive analysis of the supply chain attack targeting customers of 3CX, a VoIP IPBX software development company. The attack has been attributed to North Korean Threat Actors and involves a Trojanized version… read more »
-
Apr 1, 2023
Orca Security researchers discovered a new vulnerability called Super FabriXss (CVE-2023-23383 – CVSS score: 8.2) in Azure Service Fabric Explorer that allows unauthenticated remote code execution. Azure Service Fabric Explorer is a web-based management tool that allows users to visualize… read more »
-
Mar 29, 2023
Google’s Threat Analysis Group (TAG) has released a report stating that commercial spyware vendors have been exploiting zero-day vulnerabilities that were addressed last year in order to target Android and iOS devices. These campaigns were highly targeted and limited, taking… read more »
-
Mar 29, 2023
Since September 2022, trojanised installers for the TOR browser have been used to distribute Clipper malware, which steals cryptocurrency from users in Russia and Eastern Europe. The malware scans clipboard contents for cryptocurrency wallet addresses and replaces them with addresses… read more »
-
Mar 29, 2023
A new report from cybersecurity firm Mandiant sheds light on a previously unknown threat actor operating on behalf of the North Korean regime and using cybercrime to fund its espionage operations. The group, dubbed APT43, is a prolific and aggressive… read more »
-
Mar 27, 2023
According to a recent research from cybersecurity firm Uptycs, a new malware named MacStealer is targeting Apple’s macOS operating system to steal sensitive information, including documents, cookies, and login credentials. The malware primarily affects devices running macOS versions Catalina and… read more »