Items tagged with Malware
A malware campaign originally targeting Microsoft Windows that began in July of this year is now taking aim at Apple’s macOS. Cybersecurity Researcher Ankit Anubhav shared on the Infosec Exchange instance on Mastodon that it got an update that will now push a DMG file payload when it detects an Apple user browsing...
Read more...
As it turns out, hotels, and by extension, the hospitality industry, are not the most secure organizations around despite handling personal information and credit card details. This is evident in the recent MGM Hotel breach or even further back with the 2022 social engineering of Marriott. Now, an infostealer campaign...
Read more...
While Windows is nearly ubiquitous, great for convenience and it offers a familiar end-user experience, some things are more easily done on Linux. Given this odd juxtaposition of popularity versus utility, threat actors targeting Linux are finding a target-rich environment that can still fly under the radar for the...
Read more...
The FBI and Justice Department recently announced a “multinational operation to disrupt and dismantle the malware and botnet known as Qakbot.” In what the authorities are calling one of the largest U.S.-led disruption operations, Qakbot infrastructure was accessed to tear down the network from the inside.
Qakbot...
Read more...
This month, researchers at Zimperium’s zLab reported on a means by which thousands of Android malware samples were evading detection and analysis. It is claimed that over three thousand samples use this technique, which involves tampering with the field that establishes what compression method is used for the...
Read more...
Earlier this month, researchers from Palo Alto’s Unit 42 discovered a peer-to-peer worm dubbed P2PInfect targeting Redis installations, an open-source database application used in cloud environments. While only 934 of the publicly communicating 307,000 unique Redis systems may be vulnerable, the worm may knock on the...
Read more...
Security researchers at Kaspersky are ringing the alarm bells on a trojan that's managed to infiltrate Google Play and infect well over half a million Android devices. Dubbed "Fleckpe," the malware strain has been active since last year and has been detected in eleven Android apps (so far). The good news is they've...
Read more...
A new piece of Windows malware is making the rounds, but what else is new? You never want to fall victim to a malware campaign, but this one is particularly troublesome. EvilExtractor is billed as an "all-in-one" solution for your online criminal needs. With this one tool, a threat actor can monitor keystrokes, steal...
Read more...
You probably don't go installing software and updates willy-nilly but you may know someone who does, be it a less tech savvy friend or family member. If they surf the web using Google's Chrome browser, save yourself a potential tech support headache and advise them of a malware campaign designed to dupe them into...
Read more...
The FBI just issued a warning to the public against using free public USB charging ports, such as those found at airports or malls, because they've been found to be ports of entry for malware.
A recent tweet by the FBI Denver field office advised that bad actors (i.e. people with nefarious intentions, not Steven...
Read more...
Google used to offer Nexus-branded Android phones, but now Nexus means mobile malware. Chatter about the Nexus banking botnet began appearing on hacking forums in January 2023, but security researchers from Cleafy now believe this Android malware's origins stretch back to the middle of 2022. It's already very capable...
Read more...
A highly malicious malware is infecting Intel- and M-powered Macs, stealing sensitive information such as user passwords, credit card info, and cookies.
Uptycs researchers recently uncovered a new malware that targets macOS desktop and laptops and shared details on their blog. It's called MacStealer and can infect...
Read more...
A scary malware called Emotet could be coming to an inbox near you, so beware as you file your taxes this year. If you see an email looking suspiciously like what we're about to describe, do not open it.
Major malware app developer Malwarebytes announced a new phishing attack making its rounds just as U.S...
Read more...
ChatGPT is undeniably fun to mess with. It's fascinating to have a conversation with a machine, especially when that machine is practically omniscient and can offer up interesting tidbits of information about whatever topic. That function is so useful, some folks added it to a Chrome extension that adds extra details...
Read more...
Samsung unveiled its latest Galaxy smartphones earlier this month, and they're officially on sale today. They've got a plethora of new goodies, like a 200MP camera and an overclocked Snapdragon chip. Samsung has revealed yet another feature: Message Guard. This feature can detect and block zero-click malware messages...
Read more...
Mortal Kombat has a reputation for being brutal, but rather than exacting excessive violence on video game characters, unknown threat actors are brazenly brutalizing their victims’ finances in a Mortal Kombat-themed ransomware campaign. Aside from ransomware, this campaign also makes use of the Laplas Clipper malware...
Read more...
Pepsi Bottling Ventures (PBV) has suffered a major data breach, with hackers making off with a trove of sensitive information. The company has begun notifying affected individuals of this incident, but the details remain sparse. According to a sample of the security notice issued by PBV, unknown threat actors managed...
Read more...
Last year saw a rise in threat actors abusing Microsoft Office macros to infect their victims’ systems with malware, prompting Microsoft to block macros embedded in documents downloaded from the internet. In response, threat actors have had to pivot to alternative malware distribution and infection methods, including...
Read more...
We often report on phishing campaigns involving fraudulent customer support agents who trick victims into giving up sensitive information or installing malware on their systems. However, sometimes threat actors flip this script, instead posing as customers in need of help in order to prey on customer support agents...
Read more...
The key to any malware campaign is getting malicious code onto a target device, and often, attackers will use a legitimate app store as a vector. Samsung's Android smartphones ship with the Google Play Store, which has hosted its fair share of malware over the years, as well as the less popular Galaxy App Store...
Read more...
Cybersecurity researchers at ASEC have uncovered a threat campaign distributing remote access software under the guise of a Pokémon NFT card game. While many threat campaigns distribute Remote Access Trojans (RATs) that operate in the background to grant threat actors access to compromised systems, this particular...
Read more...
Corsair has acknowledged the presence of a peculiar bug in its K100 keyboard. Random text string history regurgitation has been causing concern among Corsair K100 users, as they thought it may be evidence of a malfunctioning keylogger working in the background. However, the good news is that the observed randomly...
Read more...
