Google used to offer Nexus-branded Android phones, but now Nexus means mobile malware. Chatter about the Nexus banking botnet began appearing on hacking forums in January 2023, but security researchers from Cleafy now believe this Android malware's origins stretch back to the middle of 2022. It's already very capable...Read more...
A highly malicious malware is infecting Intel- and M-powered Macs, stealing sensitive information such as user passwords, credit card info, and cookies.
Uptycs researchers recently uncovered a new malware that targets macOS desktops and laptops and shared details on their blog. It's called MacStealer and can infect...Read more...
Security experts confirmed a major bug in a core Windows app last week, and Microsoft is already rolling out a fix. As we learned recently, the Windows 11 Snipping Tool was susceptible to the "Acropalypse" bug initially discovered in Google's Pixel phones. Google is already patching that one up, and Microsoft isn't...Read more...
When you delete something, you would naturally expect it to stay deleted. With the "acropalypse" bug, all bets are off. Security researchers discovered last week that Google's Pixel phones would retain data from cropped screenshots, allowing the cropped sections to be recovered. Now, it sounds like there's an almost...Read more...
Famed automaker Ferrari announced yesterday that the company suffered a data breach involving personal information of its clients, without any impact on its operations.
A hacker or hackers were recently able to gain access to the Maranello-based company's IT systems, demanding a ransom for the client info...Read more...
Amazon-owned Ring is one of the largest providers of smart home cameras and security products, but any users who were trying to get by with the free service tier might be looking to jump ship soon. According to notices sent out by Ring, the company's cameras and security system will lose several key features in the...Read more...
Mortal Kombat has a reputation for being brutal, but rather than exacting excessive violence on video game characters, unknown threat actors are brazenly brutalizing their victims’ finances in a Mortal Kombat-themed ransomware campaign. Aside from ransomware, this campaign also makes use of the Laplas Clipper malware...Read more...
Scammers are real pieces of...work (substitute any word you like) as they rarely display any scruples—they prey on the elderly, think nothing of wiping out someone's hard-earned life savings, and are opportunistic predators. That latter part is especially relevant right now with Valentine's Day upon us. According to...Read more...
Pepsi Bottling Ventures (PBV) has suffered a major data breach, with hackers making off with a trove of sensitive information. The company has begun notifying affected individuals of this incident, but the details remain sparse. According to a sample of the security notice issued by PBV, unknown threat actors managed...Read more...
Last year saw a rise in threat actors abusing Microsoft Office macros to infect their victims’ systems with malware, prompting Microsoft to block macros embedded in documents downloaded from the internet. In response, threat actors have had to pivot to alternative malware distribution and infection methods, including...Read more...
We often report on phishing campaigns involving fraudulent customer support agents who trick victims into giving up sensitive information or installing malware on their systems. However, sometimes threat actors flip this script, instead posing as customers in need of help in order to prey on customer support agents...Read more...
The password manager KeePass is currently the subject of a debate concerning whether or not a particular design decision should be considered a security vulnerability. At the center of this debate is KeePass’ support of triggers, one of which exports users’ password databases. Threat actors could potentially leverage...Read more...
Earlier this month, a Swiss hacker who goes by the name maia arson crimew exfiltrated a copy of the US government’s No Fly List from an insecure server. This list, which names individuals who are forbidden from flying anywhere within US borders, is a subset of the Terrorist Screening Database and is kept hidden from the...Read more...
Last November, two weeks after the Biden administration held the second International Counter Ransomware Summit, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) published a joint cybersecurity advisory warning...Read more...
Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published a joint cybersecurity advisory warning network defenders about phishing attacks that leverage remote monitoring and management...Read more...
TA444 is an advanced persistent threat (APT) group believed to be associated with the North Korean government. However, rather than receiving financial backing from its government, the group seems to bring in revenue for the government. Unlike most state-backed APTs, such as China’s Aoqin Dragon or Iran’s Charming...Read more...
Over the past week, Gmail users have been reporting abuse of the Google Ads platform. However, rather than conducting ad fraud or placing ads that distribute malware, the actors behind this recent activity are leveraging the Google Ads invitation system to direct traffic to various risky websites. These sites are...Read more...
A massive ad fraud campaign has shut down after undergoing mitigation efforts organized by HUMAN, a cybersecurity firm that works to distinguish human beings from bots for the purpose of disrupting cybercrime. The ad fraud campaign, dubbed “VASTFLUX” by members of HUMAN’s Satori Threat Intelligence and Research Team...Read more...
The key to any malware campaign is getting malicious code onto a target device, and often, attackers will use a legitimate app store as a vector. Samsung's Android smartphones ship with the Google Play Store, which has hosted its fair share of malware over the years, as well as the less popular Galaxy App Store...Read more...
Yesterday, T-Mobile, one of the big three mobile internet service providers in the US, announced that it recently fell victim to a data breach. The company disclosed this information in both a news release and a filing with the Securities and Exchange Commission (SEC). However, the news release skips over important...Read more...
This past July, we wrote about a report published by Coveware that found that the dollar value of the median ransomware payment was on a downward trajectory beginning in Q1 2022 and continuing in Q2 of the same year. However, we weren’t sure whether this decrease in the value of individual payments would reflect in...Read more...
Among the requirements for installing Windows 11 are two security features: Trusted Platform Module (TPM) version 2.0 and Secure Boot. As we’ve documented before, it’s possible to sidestep these requirements and force a Windows 11 install or upgrade anyway. Microsoft even published a registry hack to give users this...Read more...