Financial cyberthreats in 2021
The year 2021 was eventful in terms of digital threats for organizations and individuals, and financial institutions were no exception....
News
US and UK link new Cyclops Blink malware to Russian state hackers
UK and US cybersecurity agencies linked Cyclops Blink malware to Russia’s Sandworm APT US and UK cybersecurity and law enforcement...
Researchers shared technical details of NSA Equation Group’s Bvp47 backdoor
Pangu Lab researchers disclosed details of the Bvp47 backdoor that was used by the US NSA Equation Group. Researchers from...
Sophos linked Entropy ransomware to Dridex malware. Are both linked to Evil Corp?
The code of the recently-emerged Entropy ransomware has similarities with the one of the infamous Dridex malware. The recently-emerged Entropy...
Horde Webmail Software is affected by a dangerous bug since 2012
Experts found a nine-year-old unpatched flaw in the Horde Webmail software that could allow access to email accounts. A feature...
Iranian Broadcaster IRIB hit by wiper malware
Iranian national media corporation, Islamic Republic of Iran Broadcasting (IRIB), was hit by a wiper malware in late January 2022....
SMS PVA Part 1: Underground Service for Cybercriminals
In this three-part blog entry, our team explored SMS PVA, a service built on top of a global bot network...
Threat actors target poorly protected Microsoft SQL Server installs
Threat actors install Cobalt Strike beacons on vulnerable Microsoft SQL Servers to achieve a foothold in the target network. Researchers...
Xenomorph banking Trojan downloaded over 50,000 times from Play Store
Besides the name of the creature that “stars” in the Alien movies by 20th Century Fox, Xenomorph is also the...
Cookware giant Meyer Corporation discloses cyberattack
US cookware distributor giant Meyer Corporation discloses a data breach that affected thousands of its employees. Meyer Corporation, the second-largest...
Police dismantled a gang that used phishing sites to steal credit cards
The Ukrainian police arrested a gang specialized in the sale of stolen payment card data through phishing attacks. The cybercrime...
China-linked APT10 Target Taiwan’s financial trading industry
China-linked APT group APT10 (aka Stone Panda, Bronze Riverside) targets Taiwan’s financial trading sector with a supply chain attack. The...
A cyber attack heavily impacted operations of Expeditors International
American worldwide logistics and freight forwarding company Expeditors International shuts down global operations after cyber attack American logistics and freight forwarding company Expeditors International...
Mobile malware evolution 2021
These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Figures...
Xenomorph Android banking trojan distributed via Google Play Store
Xenomorph Android trojan has been observed distributed via the official Google Play Store targeting 56 European banks. Researchers from ThreatFabric...
Latest Mac Coinminer Utilizes Open-Source Binaries and the I2P Network
A Mac coinminer has been spotted using open-source components in its routine and the I2P Network to hide its traffic....
US-CERT Bulletin (SB22-052):Vulnerability Summary for the Week of February 14, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
How SMS PVA services could undermine SMS-based verification
Crooks abuse some SMS PVA services that allow their customers to create disposable user accounts to conduct malicious activities. While...
CISA offers guidance on dealing with information manipulation
Malicious actors use influence operations, like spreading false information, to shape public opinion, undermine trust, amplify division, and create dissension....
Facebook sued for siphoning facial recognition data without consent
Ken Paxton, the Attorney General of Texas, recently filed a lawsuit against Facebook’s parent company, Meta, for harvesting the facial...
A week in security (February 14 – February 20)
Last week on Malwarebytes Labs: Adobe patches actively exploited Magento/Adobe Commerce zero-dayRansomware gang hits 49ers’ network before Super Bowl kick...
A flaw in the encryption algorithm of Hive Ransomware allows retrieving encrypted files
Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data. Researchers discovered...
Threat Report Portugal: Q4 2021
The Threat Report Portugal: Q4 2021 compiles data collected on the malicious campaigns that occurred from July to September, Q4,...
BEC scammers impersonate CEOs on virtual meeting platforms
The FBI warned US organizations and individuals are being increasingly targeted in BECattacks on virtual meeting platforms The Federal Bureau...
