NginRAT – A stealth malware targets e-store hiding on Nginx servers
Threat actors are targeting e-stores with remote access malware, dubbed NginRAT, that hides on Nginx servers bypassing security solutions. Researchers...
News
SideCopy APT: Connecting lures to victims, payloads to infrastructure
This blog post was authored by Hossein Jazi and the Threat Intelligence Team. Last week, Facebook announced that back in...
Europol arrested 1800 money mules as part of an anti-money-laundering operation
Europol identified 18,351 money mules and arrested 1,803 of them as part of an international anti-money-laundering operation codenamed EMMA 7....
Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library
Mozilla fixed a critical memory corruption issue affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. Mozilla has...
VirusTotal Collections allows enhancing the sharing of Indicators of Compromise (IoCs)
VirusTotal announced VirusTotal Collections, a new service that allows security researchers to share sets of Indicators of Compromise (IoCs). VirusTotal...
Capcom Arcade Stadium’s record player numbers blamed on card mining
Some of my favourite retro video games are making waves on Steam, but not in the way you might think....
New RTF Template Inject technique used by APT groups in recent attacks
Nation-state actors from China, India, and Russia, were spotted using a novel RTF template injection technique in recent attacks. APT...
Here’s what data the FBI can get from WhatsApp, iMessage, Signal, Telegram, and more
Not every secure messaging app is as safe as it would like us to think. And some are safer than...
Have you downloaded that Android malware from the Play Store lately?
Security researchers have discovered banking Trojan apps on the Google Play Store, and say they have been downloaded by more...
Most people aren’t upgrading to Windows 11: Not the end of the world
Windows 11 is experiencing an apparent lack of uptake among Windows users. If this survey is accurate, less than 1%...
FBI training document shows lawful access to multiple encrypted messaging apps
Which are the most secure encrypted messaging apps? An FBI document shows what data can be obtained from them. The...
Sabbath Ransomware target critical infrastructure in the US and Canada
Sabbath ransomware is a new threat that has been targeting critical infrastructure in the United States and Canada since June...
APT annual review 2021
In the Global Research and Analysis Team at Kaspersky, we track the ongoing activities of more than 900 advanced threat...
Play the Opera Please – Opera patches a flaw in their turbo servers
Opera released a mini patch for a vulnerability in their turbo servers that dates back to 2018. Prior approval are...
New EwDoor Botnet is targeting AT&T customers
360 Netlab experts spotted a new botnet dubbed EwDoor that infects unpatched AT&T enterprise network edge devices. Experts from Qihoo 360’s...
Massive faceprint scraping company Clearview AI hauled over the coals
Life must be hard for companies that try to make a living by invading people’s privacy. You almost feel sorry...
Critical Printing Shellz flaws impact 150 HP multifunction printer models
Researchers discovered a critical wormable buffer overflow vulnerability that affects 150 different HP multifunction printer models (MFPs). Cybersecurity researchers from...
WIRTE APT group targets the Middle East since at least 2019
A threat actor named WIRTE targets government, diplomatic entities, military organizations, law firms, and financial institutions in Middle East. Cybersecurity...
4 Android banking trojans were spread via Google Play infecting 300.000+ devices
Experts found four Android banking trojans that were available on the official Google Play Store and that infected +300,000 devices....
ScarCruft surveilling North Korean defectors and human rights activists
The ScarCruft group (also known as APT37 or Temp.Reaper) is a nation-state sponsored APT actor we first reported in 2016....
WIRTE’s campaign in the Middle East ‘living off the land’ since at least 2019
Overview This February, during our hunting efforts for threat actors using VBS/VBA implants, we came across MS Excel droppers that...
Google experts found 2 flaws in video conferencing software Zoom
Google Project Zero researchers have discovered two vulnerabilities in the video conferencing software Zoom that expose users to attacks. Security...
US-CERT Bulletin (SB21-333):Vulnerability Summary for the Week of November 22, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Panasonic confirmed that its network was illegally accessed by attackers
Panasonic disclosed a security breach after threat actors gained access to its servers storing potentially sensitive information. Japanese electronics giant...
