Security News
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called...
Cyber baddies have turned to ad networks to measure malware deployment and to avoid detection, according to HP Wolf Security. The security group's Q4 2024 Threat Insights Report finds criminals have adopted ad tech tools to make their social engineering attacks more effective.
A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. The new malware, spotted by Group-IB, is part of a malware suite developed by the Chinese threat group known as 'GoldFactory,' which is responsible for other malware strains such as 'GoldDigger', 'GoldDiggerPlus,' and 'GoldKefu.
Drawing parallels from the stealthy and offensive nature of hunter-killer submarines, these malware strains evade security measures with precision and proactively seek out and impair security tools, firewalls, logging services, audit systems, and other protective measures within an infected system. These sophisticated malware execute comprehensive attack campaigns by blending covert operations with aggressive assaults on security controls - posing a high-level challenge to organizational cyber defense efforts.
North Korea's latest money-making venture is the production and sale of gambling websites that come pre-infected with malware, according to South Korea's National Intelligence Service. For an extra $3,000 per month North Korea throws in tech support.
A logic flaw between Ubuntu's 'command-not-found' package suggestion system and the snap package repository could enable attackers to promote malicious Linux packages to unsuspecting users. [...]
The infamous malware loader and initial access broker known as Bumblebee has resurfaced after a four-month absence as part of a new phishing campaign observed in February 2024. Enterprise security...
The Bumblebee malware loader seemingly vanished from the internet last October, but it's back and - oddly - relying on a vintage vector to try and gain access. First spotted in 2022 by researchers at Proofpoint - who identified it as an apparent replacement for BazarLoader - Bumblebee was originally used by high-profile ransomware groups including Russia-linked Conti.
A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra (aka DarkCasino) targeting...
Microsoft has patched today a Windows Defender SmartScreen zero-day exploited in the wild by a financially motivated threat group to deploy the DarkMe remote access trojan.The hacking group was spotted using the zero-day in attacks on New Year's Eve day by Trend Micro security researchers.