FakeSG enters the ‘FakeUpdates’ arena to deliver NetSupport RAT
Over 5 years ago, we began tracking a new campaign that we called FakeUpdates (also known as SocGholish) that used...
News
Ransomware review: July 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on...
Criminals target businesses with malicious extension for Meta’s Ads Manager and accidentally leak stolen accounts
Like all social media platforms, Facebook constantly has to deal with fake accounts, scams and malware. We have written about scams...
Ransomware review: June 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on...
Malicious ad for USPS fishes for banking credentials
We often think of malvertising as being malicious ads that push malware or scams, and quite rightly so these are...
Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan
Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader...
What is Data Security Posture Management (DSPM)?
Data Security Posture Management is an approach to securing cloud data by ensuring that sensitive data always has the correct...
China’s APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe
A nation-state actor with links to China is suspected of being behind a series of attacks against industrial organizations in...
New NodeStealer Targeting Facebook Business Accounts and Crypto Wallets
Cybersecurity researchers have unearthed a Python variant of a stealer malware NodeStealer that's equipped to fully take over Facebook business...
Researchers Expose Space Pirates’ Cyber Campaign Across Russia and Serbia
The threat actor known as Space Pirates has been linked to attacks against at least 16 organizations in Russia and...
European Bank Customers Targeted in SpyNote Android Trojan Campaign
Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an...
Ongoing STARK#MULE Attack Campaign Discovered
Security researchers have uncovered an ongoing attack campaign dubbed STARK#MULE, which employs US military-related documents as lures to deliver malware...
CISA: New Submarine Backdoor Used in Barracuda Campaign
A Chinese threat actor that compromised federal networks by targeting Barracuda security appliances did so in part thanks to a...
Biden Announces National Cyber Workforce and Education Strategy
Against a backdrop of global cybersecurity workforce gap of 3.4 million people, the White House today announced its new National...
SpyNote Android Spyware Strikes Financial Institutions
The Android spyware known as SpyNote has been targeting financial institutions since late 2022 while expanding its capabilities to carry...
UK Military Embraces Security by Design
The UK’s Ministry of Defence (MoD) has launched its Secure by Design initiative, which is to transform how cybersecurity is...
APT31 Implants Target Industrial Organizations
Cybersecurity researchers have uncovered crucial insights into the tactics, techniques and procedures (TTPs) employed by the threat actor APT31 (also known...
Israel’s largest oil refinery website offline after DDoS attack
Website of Israel's largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have...
Hackers steal Signal, WhatsApp user data with fake Android chat app
Hackers are using a fake Android app named 'SafeChat' to infect devices with spyware malware that steals call logs, texts,...
Canon warns of Wi-Fi security risks when discarding inkjet printers
Canon is warning users of home, office, and large format inkjet printers that their Wi-Fi connection settings stored in the...
P2PInfect server botnet spreads using Redis replication feature
Threat actors are actively targeting exposed instances of SSH and Redis Redis open-source data store with a peer-to-peer self-replicating worm...
Google: Android patch gap makes n-days as dangerous as zero-days
Google has published its annual 0-day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in...
Hackers exploit BleedingPipe RCE to target Minecraft servers, players
Hackers are actively exploiting a 'BleedingPipe' remote code execution vulnerability in Minecraft mods to run malicious commands on servers and...
US-CERT Vulnerability Summary for the Week of July 17, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infooliva_expertise -- oliva_expertise_eks Improper Neutralization of Special Elements used in an SQL...
