Microsoft has recently discovered social engineering activities by an actor we track as ZINC that weaponized legitimate open-source software. In the US, UK, India, and Russia, the Microsoft Threat Intelligence Center (MSTIC) has detected activities aimed against employees of businesses…
Agent Tesla malware is distributed by cybercriminals using Quantum Builder, a product sold on the dark web.
The Agent Tesla remote access trojan (RAT) is distributed using Quantum Builder, a newly identified malware builder. Compared to earlier attacks of this type, this campaign shows improvements and a shift toward LNK (Windows shortcut) files. According to a report…
New Go-based Malware Targeting Windows and Linux Systems, Researchers Warn
In recent months, Chaos, a new, multi-functional Go-based malware, has seen a sharp increase in volume as it captures a variety of Windows and Linux systems, SOHO routers, and enterprise servers into its botnet. According to experts at Lumen’s Black Lotus Labs, “Chaos…
Attack on the Chilean court system using ransomware
In September, a raft of cyber disruptions hit the South American nation. In order to combat the spread of a virus that fraudulently encrypts files, the Chilean judiciary shut down 150 computers. Despite assurances from officials that most court procedures…
85 Apps with 13 million Downloads Found to Be Part of Ad Fraud Scheme by Experts
In an ongoing effort that started in 2019, as many as 75 apps on Google Play and 10 on the Apple App Store have been found to be involved in an ad fraud scheme. The most recent attack wave, code-named Scylla…
Critical WhatsApp bugs might have enabled remote device hacking by attackers.
Two WhatsApp bugs for Android and iOS that might allow remote code execution on vulnerable devices have been fixed with security updates. One of these is CVE-2022-36934 (CVSS score: 9.8), a serious integer overflow vulnerability in WhatsApp. This allows arbitrary code to…
Attackers of the BlackCat Ransomware Seen Honing Their Malware Arsenal
In order to remain undetected and widen its scope, the BlackCat ransomware team has been observed perfecting its malware arsenal. Researchers from Symantec noted in a recent report that two noteworthy advancements have been the usage of a new version…
Tibetans are the target of Chinese espionage hackers using the new LOWZERO backdoor.
An advanced persistent threat (APT) actor with ties to China, identified as TA413, used recently discovered security holes in Microsoft Office and Sophos Firewall to launch a never-before-seen backdoor named LOWZERO as part of an espionage campaign against Tibetan groups.…
Java template framework Pebble vulnerable to command injection
The problem has yet to be fixed, although workarounds are available. Pebble, a Java templating engine, had a weakness that might let attackers bypass its security safeguards and launch command injection attacks against host servers.…
Various sectors’ search engine users are directed to JavaScript malware via SEO poisoning campaigns
The clever operation directs people looking for business templates and forms to websites that are hosting dangerous files. Researchers have found a high-effort SEO poisoning campaign targeting workers in various business and governmental sectors. They look up specific terms related…