Xenomorph pilfers victims’ login credentials for banking, payment, social media, cryptocurrency and other apps with valuable data More than 50,000 Android devices were compromised with an Android banking trojan called Xenomorph earlier this year. First reported by ThreatFabric, Xenomorph posed as a system-optimizing app called “Fast Cleaner”. Disguising malicious software as device optimizers, battery- or performance-enhancing and
Threat group Silence has been spotted infecting an increasing number of devices using Truebot malware. The findings come from Cisco Talos researchers, who have also suggested a connection between Silence and the infamous hacking group Evil Corp (tracked by Cisco as TA505). According to an advisory published on Thursday, the campaigns observed by the firm
by Paul Ducklin DATA BREACHES – THE STING IN THE TAIL Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and
Businesses know they need cybersecurity, but it seems like a new acronym and system is popping up every day. Professionals that aren’t actively researching these technologies can struggle to keep up. As the cybersecurity landscape becomes more complicated, organizations are desperate to simplify it. Frustrated with the inefficiencies that come with using multiple vendors for
Indiana’s attorney general filed two separate lawsuits against social media firm TikTok Wednesday alleging the platform promoted content to young users that isn’t age-appropriate and did not adequately protect the safety of users’ data. According to court documents, the TikTok algorithm “promotes a variety of inappropriate content to 13-17-year-old users throughout the United States.” Indiana’s
by Paul Ducklin Researchers at application security company Jscrambler have just published a cautionary tale about supply chain attacks… …that is also a powerful reminder of just how long attack chains can be. Sadly, that’s long merely in terms of time, not long in terms of technical complexity or the number of links in the
Dec 08, 2022Ravie LakshmananMobile Security / Android Malware Researchers have shed light on a new hybrid malware campaign targeting both Android and Windows operating systems in a bid to expand its pool of victims. The attacks entail the use of different malware such as ERMAC, Erbium, Aurora, and Laplas, according to a ThreatFabric report shared
ESET researchers analyzed a supply-chain attack abusing an Israeli software developer to deploy Fantasy, Agrius’s new wiper, with victims including the diamond industry ESET researchers discovered a new wiper and its execution tool, both attributed to the Agrius APT group, while analyzing a supply-chain attack abusing an Israeli software developer. The group is known for
Threat actors have been observed targeting companies operating within the cryptocurrency industry for financial gain. According to a new advisory published by Microsoft on Tuesday, attacks targeting this market have taken several forms over the past few months, including fraud, vulnerability exploitation, fake applications and info stealer deployment. “We are also seeing more complex attacks
by Paul Ducklin BUSINESS RISKS FROM AFTER-HOURS MALWARE Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good
Dec 07, 2022Ravie LakshmananCyber Crime / Ransomware The Vice Society cybercrime group has disproportionately targeted educational institutions, accounting for 33 victims in 2022 and surpassing other ransomware families like LockBit, BlackCat, BianLian, and Hive. Other prominent industry verticals targeted include healthcare, governments, manufacturing, retail, and legal services, according to an analysis of leak site data
As 2022 draws to a close, the Threat Research Team at McAfee Labs takes a look forward—offering their predictions for 2023 and how its threat landscape may take shape. This year saw the continued evolution of scams, which is unlikely to slow down, as well as greater adoption of Chrome as an operating system. It
Deployed against carefully selected targets, the new backdoor combs through the drives of compromised systems for files of interest before exfiltrating them to Google Drive This week, ESET researchers published their analysis of a previously undocumented backdoor that the ScarCruft APT group has used against carefully selected targets. ScarCruft is an espionage group that has
The Canadian branch of the human rights organization Amnesty International reported on Monday a sophisticated cyber-attack linked to China. The non-profit said it first spotted suspicious activity on October 05, 2022, and immediately engaged a team of forensic investigators and cybersecurity experts from Secureworks to protect its systems and investigate the source of the attack. According to
by Naked Security writer A Florida man who was part of a cybercrime gang who went after cryptocoin wallets has been sentenced for his part in a cyberheist that allegedly netted the participants more than $20,000,000. The scammers, including one Nicholas Truglia, 25, got control of various online accounts belonging to the victim by using
Dec 07, 2022Ravie LakshmananInternet of Things / Botnet A novel Go-based botnet called Zerobot has been observed in the wild proliferating by taking advantage of nearly two dozen security vulnerabilities in the internet of things (IoT) devices and other software. The botnet “contains several modules, including self-replication, attacks for different protocols, and self-propagation,” Fortinet FortiGuard
Without doubt, the biggest criticism we all have of social media is that everyone always looks fabulous! And while we all know that everyone is only sharing the best version of themselves, let’s be honest – it can be a little wearing. Well, there’s a new social media platform that is determined to uproot our
Forget pests for a minute. Modern farms also face another – and more insidious – breed of threat. While I was in the UK police force and part of the National Cyber Crime Unit in 2018, I was asked to give a talk on cybersecurity at a National Farmers’ Union (NFU) meeting in southern England.
Cloud company Rackspace has revealed it experienced a cybersecurity incident causing it to temporarily suspend its Hosted Exchange environment, which has now been restored. “On Friday, Dec 2, 2022, we became aware of an issue impacting our Hosted Exchange environment. We proactively powered down and disconnected the Hosted Exchange environment while we triaged to understand the
by Paul Ducklin One of the first low-level network tools that any computer user learns about is the venerable ping utility. Named after the eponymous sound effect from any and every old-school war movie scene involving submarines, the command is a metaphorical echo (see what we did there?) of the underwater version of RADAR known
Dec 05, 2022Ravie LakshmananServer Security / Cloud Technology Three different security flaws have been disclosed in American Megatrends (AMI) MegaRAC Baseboard Management Controller (BMC) software that could lead to remote code execution on vulnerable servers. “The impact of exploiting these vulnerabilities include remote control of compromised servers, remote deployment of malware, ransomware and firmware implants,
You flick through some reels and an ad for “a more private phone” crops up. You scroll through your news feed and catch wind of yet another data breach at a major retailer. You see a post from a friend who says their social media account was hacked. Maybe you don’t think about security every
Attackers have been increasingly encrypting malware in archives before releasing it in the wild. According to HP Wolf Security’s latest Threat Insights Report Q3 2022, 44% of malware was delivered via archive files in the third quarter of 2022, an 11% increase from the previous quarter and substantially more than the 32% delivered through Office files. The
by Paul Ducklin It’s just under two weeks since Google rushed out a Chrome patch for the then-current version 107 to seal off a bug that was already being used in real-life attacks. The company said nothing more about that bug than to describe it as a “heap buffer overflow in GPU” [sic], and to
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released an Industrial Control Systems (ICS) advisory warning of multiple vulnerabilities in Mitsubishi Electric GX Works3 engineering software. “Successful exploitation of these vulnerabilities could allow unauthorized users to gain access to the MELSEC iQ-R/F/L series CPU modules and the MELSEC iQ-R series OPC UA server
This time of year, the air not only gets chillier but a bit cheerier for everyone … including online scammers. Holiday scams are a quick way to make a buck, and cybercriminals employ several holiday-themed schemes to weasel money and personally identifiable information (PII) from gift givers. Here are three common holiday scams to watch
Threat actors have been spotted using criminal proxy networks to obfuscate their illegal activities by hiding behind hijacked IP addresses and using the same to create an appearance of legitimacy. The findings come from security researchers at DomainTools, who have said that while these networks were initially used as part of botnets, their lucrative nature
by Paul Ducklin Forget Sergeant Pepper and his Lonely Hearts Club Band, who taught the band to play a mere 20 years ago today. December 2022 sees the 35th anniversary of the first major self-spreading computer virus – the infamous CHRISTMA EXEC worm that temporarily crushed the major mainframe networks of the day… … not
Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be abused to sign malicious apps. The findings were first discovered and reported by Google reverse engineer Łukasz Siewierski on Thursday. “A platform certificate is the application signing certificate used to sign the ‘android’ application on the system image,”
Whether you’re standing around the water cooler at work, waiting for your kids at the school gate or sitting around the dinner table, data breaches are without doubt the hot topic of conversation. In late September, we were all shaken when news of the biggest Australian data breach to date broke – a record 10
- 1
- 2
- 3
- …
- 69
- Next Page »