With Black Friday-Cyber Monday looming, Grelos skimmer tied to Magecart poses threat
A new Grelos skimmer variant tied to Magecart Group could potentially lure online shoppers to fill out phony payment forms...
malware
QBot malspam campaign preys on Americans anticipation for election news
An intense presidential election and a grueling week of vote counting has left many Americans distracted from their work, anxious...
Wroba mobile banking trojan targets US smartphones
According to details Kaspersky released to the media, the new wave in the U.S. was detected Oct. 29 and targeted...
Treasury sanctions Russian research institute for Triton attack
The Treasury Department’s Office of Foreign Assets Control sanctioned a Russian government research institution linked to Triton malware targeting industrial...
Phishing scam lures employees by teasing secrets of Trump COVID diagnosis
Pictured: President Donald Trump in the Presidential Suite at Walter Reed National Military Medical Center on Oct. 3, after being...
Common bugs make anti-virus solutions vulnerable to exploitation
The very anti-malware solutions meant to protect organizations for things like increasing privilege can be exploited to do just that....
Amid Iranian hacker crackdown, CISOs should prep for retaliation
The United States ran a full-court press against Iranian hackers last week, including indictments from the Department of Justice, the...
Apple notarization process, meant to protect, approved Shlayer malware
Apple appears to have inadvertently approved OSX.Shlayer malware as part of the security notarization process it has touted would boost...
Trojan infects NCR, posing risk to supply chain
String of ATMs seen at Hartsfield-Jackson Atlanta International Airport. A trojan infected NCR Corporation, potentially posing a supply chain risk...
SMBs assaulted by ‘mercenary’ DeathStalker APT espionage campaigns
The hacker collective known as DeathStalker has recently widened its footprint to include small to medium-sized business (SMB) targets in...
Threat hunters watch as Chinese hackers forage forums for tools
Pictured: The Forbidden City, in Beijing. Experts say Chinese APT operations use a mix of proprietary and publicly available tools...
Apple OS developer supply chain threatened by ‘clever’ malware attack
In an attack described as a “clever” supply-chain threat, XCSSET malware is being injected undetected into programs created by unwitting...
DHS and FBI warn of North Korean malware targeted at defense contractors
The Department of Homeland Security and Federal Bureau of Investigation published an alert Wednesday about malware it claims North Korea...
U.S. urges Linux users to secure kernels from new Russian malware threat
The FBI and NSA jointly issued an advisory on Drovorub – a newly disclosed malware program targeting Linux systems. (Jan...
Hackers hijack design platform to go phishing
Australian design platform Canva unwittingly provided phishing campaigns with graphics, making threat actors’ schemes appear more legitimate as they pilfer...
Shadow Code in security’s blind spot, ups risk of attack
The proliferation of Shadow Code – third-party scripts and open source libraries used in web applications – may help organizations...
Tesla RAT adapts, evolves to thwart security
It may be unsophisticated but the Agent Tesla RAT is “street-wise,” adapting and evolving just enough to wreak havoc on...
Why are Frida and QBDI a Great Blend on Android?
Introduction Reverse engineering of Android applications is usually considered as somewhat effortless because of the possibility of retrieving the Java...
Botnet abuses Docker servers and crypto blockchain to deliver Doki backdoor
As user organizations move more of their business infrastructure off premises, cybercriminals become increasingly motivated to target Linux-based cloud environments,...
Dacls RAT’s goals are to steal customer data and spread ransomware
The Dacls remote access trojan that is capable of attacking Windows, Linux and macOS environments has been used to distribute...
Docker attackers devise clever technique to avoid detection
In what researchers say is a first, attackers are performing a new container attack technique in the wild, whereby they...
More Chinese tax software found to dish out backdoor malware
A second tax software program associated with the Chinese banking industry has now been found to contain an embedded backdoor...
Unsealed indictment alleges Kazakh man is behind Fxmsp hacking group
Federal prosecutors have indicted Andrey Turchin, a 37-year-old citizen of Kazakhstan, on five criminal counts related to his alleged involvement...
Hidden purpose of Mac ‘ransomware’ EvilQuest is data exfiltration, say researchers
Researchers have developed a decryption tool for the recently discovered EvilQuest ransomware program designed to target Mac machines. But several...
