The 2FA application necessary to access BBVA bank accounts in Spain is impersonated by a new Android banking malware called Revive. Instead of aiming to infect customers of various financial institutions, the new banking trojan has a more targeted strategy…
Latest posts
$100 million cryptocurrency was stolen from the Blockchain company Harmony on Thursday evening
The company informed about the incident to the authorities; the FBI investigated the cyber attack taking the help of many cyber security firms. Harmony’s Horizon Bridge allows users to transfer their crypto assets from one blockchain to another. The company…
Google details commercial spyware that targets both Android and iOS devices
Google has issued a warning about a high-grade malware strain that targets users of Android and iOS mobile devices. A separate government- and enterprise-grade iOS and Android spyware variant is currently in circulation, according to Google Threat Analysis Group (TAG)…
Python libraries for PyPi were found sending unprotected websites using stolen AWS keys
The PyPI repository is home to a number of malicious Python packages that have been found to steal sensitive data like AWS credentials and send it to openly accessible locations. Software developers can choose the building blocks for their Python-based…
Chinese hackers are disseminating an SMS bomber tool that contains malware
As part of a recently revealed effort, a threat cluster connected to the hacking organisation Tropic Trooper has been seen employing previously unknown malware written in the Nim programming language to attack targets. According to a study from the Israeli…
VMware servers are still being compromised via Log4Shell exploits
Today, CISA issued a warning about threat actors continuing utilising the Log4Shell (CVE-2021-44228) remote code execution vulnerability to attack VMware Horizon and Unified Access Gateway (UAG) servers. Attackers can migrate laterally across networks until they get access to internal systems…
Hacker exploits a zero-day vulnerability in Mitel VoIP
A ransomware attack against an unnamed target used Mitel VoIP equipment as an entry point to execute the code remotely and access the environment. Crowdstrike, a cybersecurity firm, reported the findings, which tracked the source of the attack to a…
A serious PHP bug makes QNAP NAS equipment vulnerable to RCE attacks.
Customers of QNAP have been informed today that certain Network Attached Storage (NAS) devices (with non-default configurations) are susceptible to attacks that would take advantage of a serious, three-year-old PHP bug that permits remote code execution. “Versions of PHP 7.1.x…
Mega says it can’t decrypt your files. New PoC exploit shows otherwise
Mega’s encryption system has been found to have serious weaknesses that allow services to view your data. Mega, a cloud storage service with 250 million registered users and 120 billion files stored across 1,000 petabytes of storage, was launched ten…
NSO admits to the EU committee that Pegasus has been misused by 5 E.U countries
The infamous Israeli surveillance ware vendor NSO Group accepted that five countries used its Pegasus tool. The acceptance was in response to a question asked by European Union lawmakers. “We’re trying to do the right thing and that’s more than…