Security News

The Zerobot botnet has been upgraded to infect new devices by exploiting security vulnerabilities affecting Internet-exposed and unpatched Apache servers. Zerobot has been under active development since at least November, with new versions adding new modules and features to expand the botnet's attack vectors and make it easier to infect new devices, including firewalls, routers, and cameras.

The FBI warns that threat actors are using search engine advertisements to promote websites distributing ransomware or stealing login credentials for financial institutions and crypto exchanges. These ads appear at the top of search result pages and link to sites that look identical to the impersonated company's website.

An Android banking malware named 'Godfather' has been targeting users in 16 countries, attempting to steal account credentials for over 400 online banking sites and cryptocurrency exchanges. The malware generates login screens overlaid on top of the banking and crypto exchange apps' login forms when victims attempt to log in to the site, tricking the user into entering their credentials on well-crafted HTML phishing pages.

The Computer Emergency Response Team of Ukraine this week disclosed that users of the Delta situational awareness program received phishing emails from a compromised email account belonging to the Ministry of Defense. The attacks, which have been attributed to a threat cluster dubbed UAC-0142, aimed to infect systems with two pieces of data-stealing malware referred to as FateGrab and StealDeal.

The PyPi python package repository is being bombarded by a wave of information-stealing malware hiding inside malicious packages uploaded to the platform to steal software developers' data. The malware dropped in this campaign is a clone of the open-source W4SP Stealer, responsible for a previous widespread malware infection on PyPI in November 2022.

The Raspberry Robin malware is now trying its hand at some trickery by dropping a fake payload to confuse researchers and evade detection when it detects it's being run within sandboxes and debugging tools. Raspberry Robin is a worm-like malware dropper that sells initial access to compromised networks to ransomware gangs and malware operators.

Apple has fixed a vulnerability attackers could leverage to deploy malware on vulnerable macOS devices via untrusted applications capable of bypassing Gatekeeper application execution restrictions. Found and reported by Microsoft principal security researcher Jonathan Bar Or, the security flaw is now tracked as CVE-2022-42821.

A compromised Ukrainian Ministry of Defense email account was found sending phishing emails and instant messages to users of the 'DELTA' situational awareness program to infect systems with information-stealing malware. The campaign was highlighted in a report today by CERT-UA, which warned Ukrainian military personnel of the malware attack.

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.