Security News
Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to...
A threat actor tracked as Unfurling Hemlock has been infecting target systems with up to ten pieces of malware at the same time in campaigns that distribute hundreds of thousands of malicious files. Security researchers describe the infection method as a "Malware cluster bomb" that allows the threat actor to use one malware sample that spreads additional ones on the compromised machine.
A federal grand jury in Maryland returned an indictment charging a Russian citizen with conspiracy to hack into and destroy computer systems and data. According to court documents, in Jan. 2022, members of the Main Intelligence Directorate of the General Staff of the Russian Federation conspired to use a U.S.-based company's services to distribute malware known in the cybersecurity community as WhisperGate to dozens of Ukrainian government entities' computer systems and destroy those systems and related data in advance of the Russian invasion of Ukraine.
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
A novel Android attack vector from a piece of malware tracked as Snowblind is abusing a security feature to bypass existing anti-tampering protections in apps that handle sensitive user data. [...]
"The LNK file triggered the first element of the novel technique used in this infection chain for distributing IDAT Loader. The LNK file was using mshta.exe to execute what appeared to be a 'PGP Secret Key,' hosted again on Bunny CDN," Kroll's threat analysts found. Static analysis of that file showed that it was not a PGP key, but a combination of junk bytes, an embedded HTA file and an embedded EXE file.
The Medusa banking trojan for Android has re-emerged after almost a year of keeping a lower profile in campaigns targeting France, Italy, the United States, Canada, Spain, the United Kingdom, and Turkey. The recent campaigns were discovered by the threat intelligence team at online fraud management company Cleafy, who says that the malware variants are lighter, need fewer persmissions on the device, and include full-screen overlaying and screenshot capturing.
Cybersecurity researchers have shed light on a new phishing campaign that has been identified as targeting people in Pakistan using a custom backdoor. Dubbed PHANTOM#SPIKE by Securonix, the...
A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised...
Cybersecurity researchers have uncovered a new evasive malware loader named SquidLoader that spreads via phishing campaigns targeting Chinese organizations. AT&T LevelBlue Labs, which first...