News Blog
[ad_1] Apr 10, 2024NewsroomSoftware Security / Supply Chain Attack Threat actors are now taking advantage of GitHub’s search functionality to trick unsuspecting users looking for popular repositories into downloading spurious counterparts that serve malware. The latest assault on the open-source software supply chain involves concealing malicious code within Microsoft Visual Code project files that’s designed…
[ad_1] Apr 08, 2024NewsroomInvestment Scam / Mobile Security Google has filed a lawsuit against two app developers for engaging in an “international online consumer investment fraud scheme” that tricked users into downloading bogus Android apps from the Google Play Store and other sources and stealing their funds under the guise of promising higher returns. The…
[ad_1] Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft. “It uses an unorthodox HTML smuggling technique where the malicious payload is embedded in a separate JSON file hosted on an external website,” Netskope…
[ad_1] Mar 15, 2024NewsroomMalvertising / Threat Intelligence Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads and bogus links to distribute trojanized versions of the software and ultimately deploy Geacon, a Golang-based implementation of Cobalt Strike. “The malicious site found in the…
[ad_1] Feb 16, 2024NewsroomEndpoint Security / Cryptocurrency Several companies operating in the cryptocurrency sector are the target of a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines….
[ad_1] Feb 06, 2024NewsroomSocial Engineering / Malvertising Threat actors are leveraging bogus Facebook job advertisements as a lure to trick prospective targets into installing a new Windows-based stealer malware codenamed Ov3r_Stealer. “This malware is designed to steal credentials and crypto wallets and send those to a Telegram channel that the threat actor monitors,” Trustwave SpiderLabs…
[ad_1] Jan 26, 2024NewsroomMalvertising / Phishing-as-a-service Chinese-speaking users have been targeted by malicious Google ads for restricted messaging apps like Telegram as part of an ongoing malvertising campaign. “The threat actor is abusing Google advertiser accounts to create malicious ads and pointing them to pages where unsuspecting users will download Remote Administration Trojan (RATs) instead,”…
[ad_1] Jan 22, 2024NewsroomCyber Attack / Hacking Media organizations and high-profile experts in North Korean affairs have been at the receiving end of a new campaign orchestrated by a threat actor known as ScarCruft in December 2023. “ScarCruft has been experimenting with new infection chains, including the use of a technical threat research report as…
[ad_1] Jan 18, 2024NewsroomServer Security / Cryptocurrency Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a multi-pronged monetization strategy. “This is the first documented case of malware deploying the 9Hits application as a…