CVE-2020-0069: Autopsy of the Most Stable MediaTek Rootkit
Introduction In March 2020, Google patched a critical vulnerability affecting many MediaTek based devices . This vulnerability had been known...
malware
FBI warns of COVID-19 phishing scams promising stimulus checks, vaccines
The FBI’s Internet Crime Complaint Center (IC3) has issued a public service announcement warning citizens to watch out for email-based...
Coronavirus news being used to sneak malware past AV programs
In an effort to make malware appear legitimate and help it sneak past security software, groups using two well-known trojans...
TrickBot banking trojan introduces RDP brute forcing module
Malicious actors have created a new module for the TrickBot banking trojan that allows the malware to perform brute force...
Report: NutriBullet’s website injected with skimmer three times by Magecart Group 8
Since February, a prominent Magecart cybercriminal group has injected the same Java-based payment card skimmer program not one, not two,...
Spyware disguised as COVID-19 tracker app actually keeps track of users
Another malicious actor has weaponized an otherwise legitimate, interactive coronavirus tracking map created by Johns Hopkins University — this time...
COVID-19 decoy doc, Cloudflare service used to spread ‘BlackWater’ malware
Researchers have uncovered a new malware campaign that uses the COVID-19 pandemic as a lure, and also abuses platform-as-a-service web...
Foreign APT groups use coronavirus phishing lures to drop RAT malware
Each day, as the novel coronavirus multiplies and spreads, so do cyber scams capitalizing on users’ fears and thirst for...
Password found to rescue victims of malicious COVID-19 tracker app
Members of the IT and cybersecurity communities have successfully obtained a password key for victims of CovidLock Android ransomware, which...
Russian cybercrime forums seen selling malware-sabotaged COVID-19 map
The recently discovered weaponized coronavirus map found to infect victims with a variant of the information-stealing AZORult malware has been...
Coronavirus tracking app locks up Android phones for ransom
A malicious Android app that supposedly helps track cases of the coronavirus actually locks users’ phones and demands a ransom...
Necurs botnet operation dismantled; millions of malicious domains disabled
A coalition of security-minded organizations led by Microsoft struck a major blow against the mighty Necurs botnet — one of...
Cookie-stealing Android trojan likely used for spam distribution campaign
Who stole the cookie from the cookie jar? It’s Cookiethief, a newly discovered Android trojan that gains root access to...
Malicious coronavirus map hides AZORult info-stealing malware
Cyberattackers continue to seize on the dire need for information surrounding the novel coronavirus. In one of the latest examples,...
Years-long malware operation hides njRAT in cracked hacking tools
Malicious actors have been secretly embedding the njRAT remote access trojan in free hacking tools as well as cracks of those...
Durham, N.C. bull rushed by ransomware; recovery underway
The city of Durham, North Carolina and the government of Durham County have experienced disruptions since a ransomware attack last...
Don’t get fooled again: Fake coronavirus emails impersonate the WHO to deliver FormBook trojan
Fears over the novel coronavirus have triggered mass quarantines, Purell and Clorox shortages and financial market turmoil. As global concerns...
Don’t install that security certificate; it’s a malware scam
Cybercriminals have been compromising websites to display a fake security certificate error message in hopes of tricking visitors into downloading...
Data-stealing ransomware hits parts maker for Tesla, Boeing and Lockheed Martin
Visser Precision, a parts maker and manufacturing solutions provider for the aerospace, automotive, industrial and manufacturing industries, has reportedly suffered...
Magecart Group 12 named as actor behind Olympic ticket POS attack
The ticket reselling sites olympictickets2020.com and eurotickets2020.com reportedly have been compromised with Magecart POS skimming malware. Magecart was first spotted...
Lokibot now using fake Epic Games installer to fool victims
The data harvesting malware Lokibot has again been upgraded by its creators, this time to impersonate a popular online game...
Hidden Cobra adds to its malware arsenal: CISA
The DHS Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation have released a report on six...
Mac cyberattacks double in 2019: Malwarebytes
The Apple ecosystem has long been considered the safer environment compared to Windows when it comes to being targeted by...
Phishing campaign targets Americas with new variant of Loda RAT
Researchers have observed a new malware campaign that’s been targeting the U.S., Argentina, Brazil and Costa Rica with an updated...
