Kaspersky discovered a significant rise in malicious links for bogus Windows 11 installers. The primary purpose of the executable is to download different types of malicious software on the device. Therefore, it is recommended...
Trend Micro attributed an Android malware sample to the StrongPity APT group, which was pilfering contact lists and collecting files with specific file extensions from Syrian e-Gov websites. Targeting a government’s application portal to...
Iranian state-aligned threat actor TA453 hacked a website pertaining to the University of London, to steal information of journalists, professors, and think tanks, under a campaign dubbed SpoofedScholars. The APT group is continuously innovating...
Google singled out nine apps—with over 5.8 million combined downloads—masqueraded as genuine apps such as Horoscope Daily and Rubbish Cleaner to steal Facebook login details. Before and after installing any app, users must stay...
INTERPOL arrested Dr. Hex under the operation Lyrebird. The accused was involved in attacks on 134 websites from 2009–2018 across multiple regions. This arrest comes as a breath of fresh air for the security community....
A ransomware attack by REvil group paralyzed the networks of thousands of companies from the U.S. to Sweden. Hackers exploited Kaseya’s systems management platform called VSA. The gang has allegedly demanded millions in ransom to...
Proofpoint discovered that the MoleRATs hacking group, which has become active again after a two-month break, is infiltrating government networks in the Middle East. The group has constantly been targeting entities working with the...
Experts uncovered an attack campaign that targets users of pirated software. The Vigilante malware blocks users’ access to websites hosting pirated software. Users are requested to stay protected by avoiding the download of pirated...
Malware actors increasingly luring victims under the pretense of popular apps and brands. A malware infection impersonating Kaspersky’s antivirus product for Android was launched attacks against its users via third-party app marketplaces. click here...
TeamTNT is targeting the credentials of 16 cloud-based platforms, including AWS and Google Cloud, which it uses for its illegitimate cryptojacking operations. Organizations are recommended to proactively block the network connections and C2 endpoints associated...
FreakOut, the multi-platform Python-based malware that targets Windows and Linux devices, has been updated. The malware is now upgraded to worm its way into publicly exposed unpatched VMware servers. click here to read full...
Google researchers detail Half-Double, another Rowhammer attack technique, that could help criminals bypass current defenses and steal or manipulate data stored in memory. This recent study on the new Rowhammer bug variant is expected to...
Researchers identified a new type of cybercrime groups, dubbed privateers, that have partial support from global governments as they remain financially motivated and act upon their own agendas. Though these groups fall below those...
ClearSky attributed multiple attacks on cryptocurrency exchanges to a threat actor, dubbed CryptoCore, and linked its activities with Lazarus. It swindled hundreds of millions of dollars from the U.S., Israel, Europe, and Japan over...
Security analysts at ESET identified 158 privacy and security issues in 58 Android stalkerware apps that could lead to account and device hijacking, data manipulation, and remote code execution, among others. click here to...
A malware campaign that has been undergoing constant development in its toolsets since February now boasts of four different malware versions – all of which start with an AHK executable that leads to the...
