StopCrypt ransomware is one of the most prolific yet underreported ransomware families due to its usual target of individuals rather than high-profile businesses or larger entities. We may not see this strain of ransomware in the United States as much, but it is still a threat regardless, and an evolving one at that...
Read more...
Researchers have shown that running a man-in-the-middle attack against a Tesla owner can potentially compromise their account, unlock their car, and ultimately allow threat actors to drive away with it. There are, of coruse, a number a caveats. Much of this hinges on some social engineering, and tricking the Tesla owner to use a spoofed Wi-Fi
Read more...
It turns out that you do not need Chinese backdoors in products if people are just installing IoT devices with poor security. This is evidenced by a recent report regarding video doorbells manufactured by a Chinese company, which can be easily compromised. Further, these doorbells are sold around the United States at...
Read more...
Security researchers first spotted the Chameleon Android malware this past spring. This pervasive banking trojan has now evolved to become something much more dangerous. Through a series of fake system dialogs, the malware attempts to use the Android system Accessibility service, whic effectively gives Chameleon the...
Read more...
As it turns out, hotels, and by extension, the hospitality industry, are not the most secure organizations around despite handling personal information and credit card details. This is evident in the recent MGM Hotel breach or even further back with the 2022 social engineering of Marriott. Now, an infostealer campaign...
Read more...
Earlier this month, researchers from Palo Alto’s Unit 42 discovered a peer-to-peer worm dubbed P2PInfect targeting Redis installations, an open-source database application used in cloud environments. While only 934 of the publicly communicating 307,000 unique Redis systems may be vulnerable, the worm may knock on the...
Read more...
We like to joke about percussive maintenance when we talk about tools and technology. A good swift hit with a hammer can fix a lot of issues, right? Well, one researcher out of New Zealand found it was possible to use a screwdriver to reset the BIOS password for a Lenovo laptop.
If you’ve ever run into an issue...
Read more...
A highly malicious malware is infecting Intel- and M-powered Macs, stealing sensitive information such as user passwords, credit card info, and cookies.
Uptycs researchers recently uncovered a new malware that targets macOS desktop and laptops and shared details on their blog. It's called MacStealer and can infect...
Read more...
The key to any malware campaign is getting malicious code onto a target device, and often, attackers will use a legitimate app store as a vector. Samsung's Android smartphones ship with the Google Play Store, which has hosted its fair share of malware over the years, as well as the less popular Galaxy App Store...
Read more...
A new report claims that a law enforcement app leaked the personal details of suspects and police officers involved in major police operations going all the way back to 2011. SweepWizard, the app in question, was developed by ODIN Intelligence to help police coordinate multi-agency raids, such as Operation Protect the...
Read more...
Earlier this year, Google awarded a security researcher $107,500 for finding vulnerabilities in the company’s smart speakers. The researcher demonstrated that these vulnerabilities could be leveraged to link secondary accounts to Google smart home devices, then control the devices for nefarious ends, including...
Read more...
A researcher at the cloud security company Lightspin recently discovered a flaw in the Amazon Web Services (AWS) Elastic Container Registry (ECR) Public Gallery that threat actors could have exploited to delete or modify container images with billions of downloads. The leveraging of an exploit in this manner would...
Read more...
In the course of investigating an Android banking Trojan known as “Ermac,” cybersecurity researchers at ThreatFabric recently discovered a service that takes legitimate apps and turns them into Trojans. The researchers have named this service “Zombinder,” as it binds a malware dropper to legitimate apps, effectively...
Read more...
The cybersecurity firm Zimperium, has published a blog post detailing a recently discovered Android malware campaign that has been ongoing since 2018. This campaign spreads a set of malicious apps the researchers are calling the “Schoolyard Bully Trojan” on account of the fact that the malicious apps are disguised as...
Read more...
Researchers at the cybersecurity company Cyble have published a technical analysis of a new ransomware known as “AXLocker.” Aside from the regular data encryption performed by ransomware, AXLocker also searches victims’ systems for Discord login tokens, then hands these tokens over to the threat actor behind the...
Read more...
Threat researchers at the cybersecurity firm Proofpoint have discovered an extensive malware campaign targeting readers of online news outlets. A threat actor tracked as TA569, also known as SocGholish, has managed to compromise the infrastructure of a media company that serves content to a large number of news...
Read more...
Researchers at the threat analysis company ThreatFabric have published a report detailing some recent evolutions in Android malware droppers on the Google Play Store. Recent changes to Google Play policies restricting access to certain permissions have pushed malware developers to find workarounds. Google is...
Read more...
The conventional wisdom when you think you've picked up some nasty Windows malware is to format the disk and start from scratch, and that's enough to defeat most hacks. However, it won't help with a new piece of malicious code floating around hacking forums. Security researchers are sounding the alarm over a new UEFI...
Read more...
Last month, researchers at the cybersecurity firm GTSC discovered cyberattacks actively exploiting two zero-day vulnerabilities in the Microsoft Exchange email system. The researchers reported these two vulnerabilities to the Zero Day Initiative (ZDI), which verified this report and passed it on to Microsoft. The...
Read more...
Threat analysis teams from two different cybersecurity firms, Cyderes and Stairwell, have published a joint report detailing a new ransomware technique that may be the next big evolution in ransomware. Rather than encrypting data on victims’ computers, ransomware may soon corrupt the data instead, rendering it...
Read more...
Researchers at the cybersecurity firm ReasonLabs have discovered a credit card scam campaign estimated to have extracted tens of millions of dollars from tens of thousands of credit card holders. This scheme utilizes fake dating websites, a dedicated payment processor, and customer support services all created and...
Read more...
Research conducted by a team at the firmware security firm Binarly reveals that six vulnerabilities remain unpatched in various enterprise-grade HP laptops and desktops despite HP having developed patches for these vulnerabilities. Binarly discovered three of these vulnerabilities last year and notified HP of their...
Read more...
