Researchers at Cado Security have found new malware targeting maOS users, which is dubbed “Cthulhu Stealer.” The malicious app attempts to deceiver users by masquerading as legitimate software, such as CleanMyMac, Grand Theft Auto IV, and Adobe GenP. It’s incredibly similar to Atomic Stealer, malware first released in...Read more...
While some might say passwords are on the way out, especially with the advent of passkeys that are regarded as a better solution. However, the extinction of the password isn’t a reality yet. Passwords are still around and they're sometimes terribly not secure, especially if you use one of the top 200 worst passwords for any of your accounts. Read more...
Account credentials and personal data are hot commodities online, which often going up for sale at low prices so shady characters can move thousands of accounts quickly. This is reportedly what has happened to just over 15,000 Roku customers who had their accounts compromised due to credential stuffing attacks that...Read more...
There has been a smorgasbord of breaches as of late, though the U.S. government, in conjunction with international partners, is starting to quell that problem. However, in the past year, threat actors have had their pick of the buffet for breaches, which now includes Golden Corral, a literal buffet. The famous...Read more...
Google used to offer Nexus-branded Android phones, but now Nexus means mobile malware. Chatter about the Nexus banking botnet began appearing on hacking forums in January 2023, but security researchers from Cleafy now believe this Android malware's origins stretch back to the middle of 2022. It's already very capable...Read more...
Last year saw a rise in threat actors abusing Microsoft Office macros to infect their victims’ systems with malware, prompting Microsoft to block macros embedded in documents downloaded from the internet. In response, threat actors have had to pivot to alternative malware distribution and infection methods, including...Read more...
Earlier this month, a Swiss hacker who goes by the name maia arson crimew exfiltrated a copy the US government’s No Fly List from an insecure server. This list, which names individuals who are forbidden from flying anywhere within US borders, is a subset of the Terrorist Screening Database and is kept hidden from the...Read more...
TA444 is an advanced persistent threat (APT) group believed to be associated with the North Korean government. However, rather than receiving financial backing from its government, the group seems to bring in revenue for the government. Unlike most state-backed APTs, such as China’s Aoqin Dragon or Iran’s Charming...Read more...
Over the past week, Gmail users have been reporting abuse of the Google Ads platform. However, rather than conducting ad fraud or placing ads that distribute malware, the actors behind this recent activity are leveraging the Google Ads invitation system to direct traffic to various to risky websites. These sites are...Read more...
A massive ad fraud campaign has shut down after undergoing mitigation efforts organized by HUMAN, cybersecurity firm that works to distinguish human beings from bots for the purpose of disrupting cybercrime. The ad fraud campaign, dubbed “VASTFLUX” by members of HUMAN’s Satori Threat Intelligence and Research Team...Read more...
The Liquor Control Board of Ontario (LCBO), a government organization that sells alcoholic beverages within Ontario, Canada, has published a statement notifying customers of a cybersecurity incident affecting the retailer’s online store. According to this statement, unknown threat actors managed to compromise the...Read more...
Those who follow cybersecurity news will know that both security researchers and threat actors alike are frequently discovering security vulnerabilities, prompting developers to create and release patches for these vulnerabilities. While fixing security flaws is a good thing, it’s bad news when such fixes are prompted...Read more...
BIT Mining Limited has published a news release disclosing that the cryptocurrency mining pool run by its subsidiary, BTC.com, suffered a cyberattack earlier this month on December 3. In the course of the attack, threat actors stole cryptocurrency valuing approximately $3 million in total. BIT Mining has informed...Read more...
You're sitting there, playing Mario Kart online on the brand-new Nintendo Switch you got over the holidays. All of a sudden, you get booted back to the home screen on the Switch. You reconnect to the game, only for it to happen again. Thanks to a security vulnerability found in numerous first party Nintendo titles...Read more...
The first day of Pwn2Own Toronto 2022 has come and gone, and Samsung’s Galaxy S22 has had it rough, with more potential abuse yet to come. A variety of printers and routers from different companies have also taken some beatings. Pwn2Own is a hacking contest held every year by the Zero Day Initiative (ZDI), giving...Read more...
TikTok’s meteoric rise is due, in part, to viral challenges that spread on the social media platform. Some of these challenges are not only dumb, but down right dangerous. One of the more recent challenges revolves around a TikTok filter that masks people’s bodies with a blur of color intended to match the background...Read more...
Researchers at the cybersecurity firm ESET have discovered an active Android malware campaign that began in January 2022. The campaign in question distributes spyware injected into legitimate VPN apps. The researchers have tied this campaign to an advanced persistent threat (APT) group known as “Bahamut.”
Bahamut...Read more...
A cyber risk and security analysis company by the name of Cyble has discovered that there are a number of websites distributing a version of MSI Afterburner laced with various strains of malware. Those who accidentally download this widely popular graphics card utility via one of the cunningly crafted spoof domains...Read more...
Three days ago, users of the sports betting service DraftKings began reporting that their accounts had been hacked. In cases in which the hacked accounts contained funds, users reported the hackers attempting to withdraw their funds to newly added bank cards. Yesterday, DraftKings acknowledged these reports publicly...Read more...
Around 8,000 Android and iOS apps rely on code provided by Pushwoosh to monitor user activity and send custom push notifications. According to a report by Reuters, Pushwoosh has made efforts to portray itself as a US-based company, obscuring the fact that the company operates out of Russia. Among the clients that...Read more...
Yesterday, the cloud storage provider Dropbox disclosed a recent phishing attack targeting the company’s employees that resulted in unauthorized access to 130 of its GitHub repositories. Fortunately, the incident didn’t escalate to a breach affecting any users’ Dropbox content, passwords, or payment information...Read more...
A Reddit user looking download and install the free image editor GIMP has discovered a devious malware campaign using contextual Google search ads to trick unsuspecting users into installing the RedLine stealer malware. The user who uncovered and reported this campaign almost fell prey to it himself, until Windows...Read more...