November 14, 2023 at 03:27AM Vietnamese threat actors behind the Ducktail stealer malware targeted marketing professionals in India between March and October 2023, aiming to hijack Facebook business accounts. Unlike previous campaigns, this one used Delphi as the programming language. The attackers used sponsored ads on Facebook to propagate malicious ads and deploy malware, gaining … Read more
October 31, 2023 at 11:13AM Canada has banned the use of Kaspersky security products and Tencent’s WeChat app on mobile devices used by government employees due to network and national security concerns. The ban will take effect on October 30, 2023, and the government has stated that there is no evidence of government information being … Read more
October 31, 2023 at 04:36AM Canada has banned the use of Tencent’s WeChat and Kaspersky’s applications on government mobile devices. The ban is due to privacy and security concerns and aims to keep government information and networks secure. The move follows similar bans of TikTok and Kaspersky by other countries. Key takeaways from the meeting … Read more
October 27, 2023 at 11:43AM The Lazarus Group, a North Korea-linked threat actor, has launched a new cyber attack campaign targeting a software vendor through known security flaws in another software. The attack involved the deployment of malware families such as SIGNBT and LPEClient. The Lazarus Group has demonstrated advanced evasion techniques and targeted other … Read more
October 27, 2023 at 10:43AM Cybersecurity firm Kaspersky has warned about a highly advanced piece of malware named StripedFly that has been infecting over one million devices for the past five years. The threat is designed as a modular framework and can target both Windows and Linux systems. It utilizes a Tor network tunnel for … Read more
October 24, 2023 at 04:26PM The emerging ransomware strain called Rhysida, operating since May, is targeting users of Brazil’s PIX payment system. Rhysida, which functions as a ransomware-as-a-service (RaaS), has a unique self-deletion mechanism and is compatible with pre-Windows 10 versions of Microsoft. It faced initial configuration challenges but quickly adapted. Alongside Rhysida, there is … Read more
October 24, 2023 at 03:03PM Kaspersky has released a report detailing the iOS zero-click attacks it suffered. Dubbed ‘Operation Triangulation’, the attacks used malicious iMessage attachments to exploit a zero-day vulnerability and deploy spyware named TriangleDB. The attackers implemented stealth techniques to avoid detection, including using two validators to collect device information and ensure the … Read more
October 24, 2023 at 05:45AM The TriangleDB implant used in Operation Triangulation targets Apple iOS devices. It includes modules to record audio, steal data from apps, and determine the victim’s location. The attack utilizes zero-click exploits through iMessage attachments and employs various validators to avoid being detected. The identity of the threat actor remains unknown, … Read more
October 23, 2023 at 02:09PM DoNot Team, a threat actor suspected to be of Indian origin, has been using a new .NET-based backdoor called Firebird to target victims in Pakistan and Afghanistan. The attack also involves a downloader named CSVtyrei. Kaspersky discovered the attack and noted ongoing development efforts. Transparent Tribe, another hacking group, has … Read more
October 16, 2023 at 06:27PM Kaspersky has launched Kaspersky Container Security (KCS), a full-featured solution for containerized environments. KCS provides security for containerized applications during development and runtime, offering protection from cyber incidents. It consists of three main components: KCS scanner, KCS agent, and KCS server. KCS easily integrates into DevSecOps frameworks and helps ensure … Read more