Malware & Threats

Chameleon Android Malware Can Bypass Biometric Security

Android, Malware & Threats, Mobile & Wireless /

Chameleon Android Malware Can Bypass Biometric Security 2023-12-22 at 20:02 By Ionut Arghire A variant of the Chameleon Android banking trojan features new bypass capabilities and has expanded its targeting area. The post Chameleon Android Malware Can Bypass Biometric Security appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original […]

Chameleon Android Malware Can Bypass Biometric Security Read More »

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild

botnet, CISA, exploited, Malware & Threats, Mirai /

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild 22/12/2023 at 14:46 By Eduard Kovacs CISA released ICS advisories for FXC router and QNAP NRV flaws and added them to its known exploited vulnerabilities catalog.  The post CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild appeared first on

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild Read More »

NSA Blocked 10 Billion Connections to Malicious and Suspicious Domains

Malware & Threats, NSA /

NSA Blocked 10 Billion Connections to Malicious and Suspicious Domains 20/12/2023 at 18:32 By Ionut Arghire The National Security Agency has published a new yearly report detailing its cybersecurity efforts throughout 2023. The post NSA Blocked 10 Billion Connections to Malicious and Suspicious Domains appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

NSA Blocked 10 Billion Connections to Malicious and Suspicious Domains Read More »

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE

Akamai, Malware & Threats, Microsoft, Microsoft Outlook, Vulnerabilities, Zero-Day /

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE 19/12/2023 at 23:55 By Ionut Arghire Akamai researchers document more vulnerabilities and patch bypasses leading to zero-click remote code execution in Microsoft Outlook. The post Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE appeared first on SecurityWeek. This article is an excerpt from

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE Read More »

Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies

APT29, espionage, Malware & Threats, Russia, supply chain, Supply Chain Security /

Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies 14/12/2023 at 14:35 By Ionut Arghire US, UK, and Poland warn of Russia-linked cyberespionage group’s broad exploitation of recent TeamCity vulnerability. The post Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies Read More »

Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle

Adobe, Application Security, Illustrator, Malware & Threats, Patch Tuesday, Vulnerabilities /

Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle 12/12/2023 at 23:47 By Ryan Naraine Adobe warned users on both Windows and macOS systems about exposure to code execution, memory leaks and denial-of-service security issues. The post Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle appeared first on SecurityWeek. This article is

Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle Read More »

North Korean Hackers Developing Malware in Dlang Programming Language

Lazarus, Malware, Malware & Threats, North Korea /

North Korean Hackers Developing Malware in Dlang Programming Language 11/12/2023 at 18:16 By Ionut Arghire North Korean hackers have used Dlang-based malware in attacks against manufacturing, agriculture, and physical security organizations. The post North Korean Hackers Developing Malware in Dlang Programming Language appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

North Korean Hackers Developing Malware in Dlang Programming Language Read More »

Trail of Bits Spinout iVerify Tackles Mercenary Spyware Threat

Android, apple, Data Protection, iOS, Malware & Threats, Mobile & Wireless, spyware, surveillance /

Trail of Bits Spinout iVerify Tackles Mercenary Spyware Threat 06/12/2023 at 19:03 By Ryan Naraine iVerify, a seed-stage startup spun out of Trail of Bits, ships a mobile threat hunting platform to neutralize iOS and Android zero-days. The post Trail of Bits Spinout iVerify Tackles Mercenary Spyware Threat appeared first on SecurityWeek. This article is

Trail of Bits Spinout iVerify Tackles Mercenary Spyware Threat Read More »

5 Critical Steps to Prepare for AI-Powered Malware in Your Connected Asset Ecosystem

Artificial Intelligence, Malware & Threats /

5 Critical Steps to Prepare for AI-Powered Malware in Your Connected Asset Ecosystem 06/12/2023 at 14:17 By Rik Ferguson AI-powered attacks will become progressively more common, and a well-rounded security approach involves more than simply managing incidents effectively. The post 5 Critical Steps to Prepare for AI-Powered Malware in Your Connected Asset Ecosystem appeared first

5 Critical Steps to Prepare for AI-Powered Malware in Your Connected Asset Ecosystem Read More »

Russian Pleads Guilty to Role in Developing TrickBot Malware

Conti, cybercrime, Data Breaches, Malware & Threats, Ransomware, Ryuk, Trickbot /

Russian Pleads Guilty to Role in Developing TrickBot Malware 04/12/2023 at 18:16 By Ionut Arghire Russian national Vladimir Dunaev pleaded guilty to involvement in the development and use of the TrickBot malware that caused tens of millions of dollars in losses. The post Russian Pleads Guilty to Role in Developing TrickBot Malware appeared first on

Russian Pleads Guilty to Role in Developing TrickBot Malware Read More »

New ‘Turtle’ macOS Ransomware Analyzed

Mac malware, Malware & Threats, Ransomware /

New ‘Turtle’ macOS Ransomware Analyzed 01/12/2023 at 15:01 By Eduard Kovacs New Turtle macOS ransomware is not sophisticated but shows that cybercriminals continue to target Apple devices. The post New ‘Turtle’ macOS Ransomware Analyzed appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

New ‘Turtle’ macOS Ransomware Analyzed Read More »

Apple Patches WebKit Flaws Exploited on Older iPhones

apple, CVE-2023-42916, CVE-2023-42917, Endpoint Security, Featured, iOS, macOS, Malware & Threats, Vulnerabilities /

Apple Patches WebKit Flaws Exploited on Older iPhones 30/11/2023 at 23:02 By Ryan Naraine Apple’s security response team warns that flaws CVE-2023-42916 and CVE-2023-42917 were already exploited against versions of iOS before iOS 16.7.1. The post Apple Patches WebKit Flaws Exploited on Older iPhones appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Apple Patches WebKit Flaws Exploited on Older iPhones Read More »

Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users

Android trojan, Iran, Malware & Threats, Mobile & Wireless /

Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users 30/11/2023 at 14:16 By Ionut Arghire Zimperium has identified over 200 information-stealing Android applications targeting mobile banking users in Iran. The post Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users Read More »

Exploitation of Critical ownCloud Vulnerability Begins

exploited, Featured, Malware & Threats, ownCloud, Vulnerabilities /

Exploitation of Critical ownCloud Vulnerability Begins 28/11/2023 at 18:01 By Ionut Arghire Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure. The post Exploitation of Critical ownCloud Vulnerability Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Exploitation of Critical ownCloud Vulnerability Begins Read More »

Russia’s LitterDrifter USB Worm Spreads Beyond Ukraine

Malware & Threats, Russia, USB, worm /

Russia’s LitterDrifter USB Worm Spreads Beyond Ukraine 20/11/2023 at 15:46 By Ionut Arghire Gamaredon’s self-propagating LitterDrifter USB worm spreads from Ukraine to the US and other countries. The post Russia’s LitterDrifter USB Worm Spreads Beyond Ukraine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Russia’s LitterDrifter USB Worm Spreads Beyond Ukraine Read More »

US Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports Website

credential stuffing, cybercrime, DraftKings, Identity & Access, Joseph Garrison, Malware & Threats /

US Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports Website 17/11/2023 at 19:18 By Ionut Arghire Wisconsin teenager Joseph Garrison has admitted in court to launching a credential stuffing attack on a betting website. The post US Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports Website appeared first on SecurityWeek. This

US Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports Website Read More »

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability

CISA KEV, exploited, Featured, Malware & Threats, Sophos /

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability 17/11/2023 at 16:20 By Eduard Kovacs CISA adds Sophos, Oracle and Microsoft product security holes to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability Read More »

Zimbra Zero-Day Exploited to Hack Government Emails

email security, exploited, Featured, Government, Malware & Threats, Zimbra /

Zimbra Zero-Day Exploited to Hack Government Emails 16/11/2023 at 19:46 By Eduard Kovacs Google says a Zimbra zero-day from earlier this year, CVE-2023-37580, was exploited in several campaigns to hack government emails. The post Zimbra Zero-Day Exploited to Hack Government Emails appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

Zimbra Zero-Day Exploited to Hack Government Emails Read More »

US Announces IPStorm Botnet Takedown and Its Creator’s Guilty Plea

botnet, Featured, Malware & Threats, takedown, Tracking & Law Enforcement /

US Announces IPStorm Botnet Takedown and Its Creator’s Guilty Plea 15/11/2023 at 17:01 By Eduard Kovacs US government announces the takedown of the IPStorm proxy service botnet and the guilty plea of its creator, a Russian/Moldovan national. The post US Announces IPStorm Botnet Takedown and Its Creator’s Guilty Plea appeared first on SecurityWeek. This article

US Announces IPStorm Botnet Takedown and Its Creator’s Guilty Plea Read More »

Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion

Acrobat and Reader, Adobe, Application Security, ColdFusion, Malware & Threats, Patch Tuesday, Vulnerabilities /

Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion 14/11/2023 at 21:46 By Ryan Naraine Adobe patches 72 security bugs and calls special attention to code-execution defects in the widely deployed Acrobat and Reader software. The post Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion appeared first on SecurityWeek. This article is an excerpt

Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion Read More »

Scroll to Top