Chinese hackers use Visual Studio Code tunnels for remote access

December 10, 2024 at 07:48AM Chinese hackers are using Visual Studio Code tunnels to maintain persistent remote access to compromised IT service providers in Southern Europe, in a campaign dubbed ‘Operation Digital Eye.’ The attackers gained initial access through SQL injection and employed various techniques; the activity was detected by SentinelLabs, raising alarms about this emerging threat.

New DroidBot Android malware targets 77 banking, crypto apps

December 4, 2024 at 06:20PM A new Android malware called ‘DroidBot’ targets over 77 cryptocurrency exchanges and banking apps across the UK, Italy, France, Spain, and Portugal to steal user credentials. **Meeting Takeaways:** 1. **Introduction of New Malware:** A new Android banking malware called ‘DroidBot’ has been identified. 2. **Targeted Applications:** The malware specifically aims …

BootKitty UEFI malware exploits LogoFAIL to infect Linux systems

December 2, 2024 at 01:08PM The ‘Bootkitty’ UEFI bootkit, the first UEFI bootkit targeting Linux systems, exploits CVE-2023-40238 (known as ‘LogoFAIL’) to infect computers with vulnerable UEFI firmware. This discovery highlights a significant security threat for Linux users. **Meeting Notes Takeaways:** 1. **Introduction of ‘Bootkitty’:** A new UEFI bootkit known as ‘Bootkitty’ has been identified, targeting …

Gootloader Cyberattackers Target Bengal-Cat Aficionados in Oz

November 8, 2024 at 12:05PM Recent research indicates that cybercriminals are targeting Australians interested in Bengal cats using Gootloader malware. By optimizing search results related to Bengal cat legality, they trick users into downloading malicious files. Sophos warns of rising attacks utilizing this method, urging users to be cautious of suspicious links and downloads.

‘SteelFox’ Miner and Information Stealer Bundle Emerges

November 7, 2024 at 07:59AM The SteelFox crimeware bundle masquerades as legitimate software like Foxit PDF Editor and AutoCAD to steal user information. This emerging threat poses significant risks to users seeking these applications. The information was reported by SecurityWeek. **Meeting Takeaways:** 1. **Threat Overview**: The SteelFox crimeware bundle impersonates legitimate software, specifically Foxit PDF …

Fake Copyright Infringement Emails Spread Rhadamanthys

November 6, 2024 at 05:56PM Check Point Research has tracked a spear-phishing campaign, “CopyR(ight)hadamantys,” targeting hundreds of companies globally with emails claiming copyright infringement. The emails deliver the sophisticated infostealer Rhadamanthys, capable of stealing sensitive data. Attackers use automation to send these messages, often impersonating known brands in technology and entertainment industries.

CyberPanel Vulnerabilities Exploited in Ransomware Attacks Shortly After Disclosure

October 31, 2024 at 06:14AM CyberPanel vulnerabilities have been exploited in ransomware attacks, impacting thousands of instances shortly after their disclosure. The article highlights the immediate ramifications of these security flaws. **Meeting Takeaways:** 1. **Vulnerability Overview**: CyberPanel vulnerabilities have been identified and exploited. 2. **Impact**: These vulnerabilities have led to the compromise of thousands …

Android malware “FakeCall” now reroutes bank calls to attackers

October 30, 2024 at 10:58AM The new FakeCall malware for Android hijacks users’ outgoing calls to banks, redirecting them to attackers. It features advanced voice phishing tactics, realistic interfaces, and can capture audio/video. Recent improvements include additional control functionalities and commands, making it a more dangerous banking trojan. Users are cautioned against installing APKs directly.

New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection

October 23, 2024 at 02:00PM New variants of Grandoreiro banking malware are evolving to evade anti-fraud measures, employing tactics like domain generation algorithms and mouse tracking. Despite some arrests, operators continue to develop new features and target users across 45 countries, primarily through phishing. The malware adapts continuously, posing a significant threat to banking security.

Tricky CAPTCHA Caught Dropping Lumma Stealer Malware

October 22, 2024 at 12:31PM Lumma Stealer has launched a campaign using malicious CAPTCHA pages to prompt malware downloads. This malware aims to steal sensitive data. Researchers emphasize the need for security teams to adopt continuous monitoring and adapt defenses against evolving threats like Lumma Stealer, using a multilayered approach for effective protection.