Items tagged with cybersecurity
In what feels like déjà vu, a particular piece of Android malware has managed to sneak its way back into apps available in the Google Play Store after initially being discovered in 2019. The security research team at Kaspersky shared that the "Necro" trojan was found within several popular apps that, according to...
Read more...
Researchers at Cado Security have found new malware targeting maOS users, which is dubbed “Cthulhu Stealer.” The malicious app attempts to deceiver users by masquerading as legitimate software, such as CleanMyMac, Grand Theft Auto IV, and Adobe GenP. It’s incredibly similar to Atomic Stealer, malware first released in...
Read more...
Security researchers at Cisco Talos have discovered a set of vulnerabilities affecting macOS users who have Microsoft applications installed on their computers, providing more attack vectors for malicious actors. The researchers say that “an attacker could bypass the operating system’s permission model by using...
Read more...
More malware targeting Mac users has been found by searchers at security firm Elastic Security Labs. The malicious software has been dubbed “Banshee Stealer,” and it is able to compromise systems using either Intel or Apple Silicon chips. The researchers says that “this malware presents a severe risk to macOS users...
Read more...
This one's important, so let's get right to it: a new security flaw in all versions of Windows opens the door for a wormable remote code execution vulnerability. That means it can be exploited by an automated worm with zero user interaction required, and it gives the remote attacker the ability to execute code on the...
Read more...
Yet another leak of stolen data has made its way to Breach Forums, a popular site for bad actors who traffic in this kind of data theft. The data originates from the breach of National Public Data, which is a service that gathers information from separate sources to form profiles on individuals located in several...
Read more...
Security firm Cleafy has discovered a new piece of Android malware being used in the wild, dubbed BingoMod. BingoMod is designed to steal money from a victim by committing On Device Fraud, which makes it easier to bypass security measures used by banking institutions. The threat actors appear to be targeting users...
Read more...
Apple users located across 98 countries have received notifications from the company that they have been targeted in a recent spyware campaign, according to a report by TechCrunch. This is part an initiative by Apple to warn users who are typically at higher risk of being targeted in these kinds of attacks, such as...
Read more...
Security firm Symantec has posted a bulletin about a smishing (SMS phishing) campaign currently targeting Apple users in the United States. The end of goal for these threat actors is to take over a user’s Apple ID, which provides them access to an individual’s personal information, financial information, and...
Read more...
Cybersecurity firm Check Point Research has discovered a potent piece of Android malware, called Rafel, being utilized by threat actors. The malware is an open-source remote administration tool (RAT) and Check Point Research says that it has already observed “an espionage group leveraging Rafel in their...
Read more...
It appears that AMD is now the latest victim of cybercrime and a data breach, as company data is being offered for sale on a message board frequented by criminal hackers. AMD acknowledged the situation in a statement, noting that, "we are aware of a cybercriminal organization claiming to be in possession of stolen AMD...
Read more...
Threat actors are actively trying to exploit VPN environments that make use of remote access at an accelerated rate, in order to infiltrate and attack enterprise networks, according to cyber security firm Check Point. The company says the intent is to “discover relevant enterprise assets and users, seeking for...
Read more...
Are you looking to get some laundry done on the cheap or, even better yet, free? It turns out a security flaw in a popular internet-connected laundry machine vendor could allow anyone to avoid paying the fee for washing or drying clothes. This vulnerability was reported to the vendor months ago and remains unfixed...
Read more...
It has been a little while since our last major data breach, with the latest being back on April Fools' with AT&T having the information of 73 million accounts appear on the dark web. However, hackers never rest so it was simply a matter of time before another breach would happen, this time with Dell. A threat actor...
Read more...
Artificial intelligence has been used for some rather interesting applications, such as helping people deal with losing a loved one. While this is a unique use of the technology, there is so much more that AI can be used to improve our daily lives. This includes cybersecurity, which Google is now capitalizing on by...
Read more...
Earlier this month, Microsoft discovered a vulnerability pattern in Android applications that could enable overwriting files and allow remote code execution. This issue that could be leveraged by attackers has also been seen in the wild with several applications, but organizations have seemingly been quick to rectify...
Read more...
In the past few years, the ransomware market has heated up, leading to more payouts for threat actors and more attacks overall. However, in late 2023, with the seizure of BlackCat ALPHV by law enforcement, among other factors, the business side of ransomware-as-a-service (RaaS) has been put on ice, at least somewhat...
Read more...
If you are a threat actor and want to mine cryptocurrency or steal some juicy information, a gamer’s PC is a good target for that sort of thing, given the hardware and software they use. Even better yet is the PC of a game cheater because they are used to downloading sketchy software in the first place, so the barrier...
Read more...
End-of-life hardware can be quite the problem at times, even crashing back into Earth’s atmosphere at supersonic speeds for that matter. Of course, we wouldn’t expect such travesties happening with the hardware you keep in your basement, or that NAS you tucked away your closet. However, older tech gear can have...
Read more...
Over the past few days, the security world has been abuzz with the discovery of a backdoor snuck into a compression utility called xz-utils. While this backdoor was effectively a near miss, getting caught before it became pervasive, it goes to show that with a bit of social engineering and laying low for a while, you...
Read more...
A team of researchers recently found a side-channel vulnerability in Apple’s custom SoC architecture that does not appear patchable and allows for the theft of encryption keys.
The research team, which hails from six different universities around the United States, published its findings and is calling it the...
Read more...
Most experts would suggest that humans are the weakest link in cybersecurity, which is evidenced by the pervasiveness of phishing emails and whatnot. However, it’s not just end users that can be a problem. System administrators are human too, and can introduce serious problems just the same. This is what a group of...
Read more...
