The Lazarus Group, the government-backed North Korean hacking group, has been identified as operating an attack campaign that uses a trojanized decentralized finance (DeFi) wallet app to spread a feature-loaded backdoor on affected Windows systems. The app has features to save…
Latest posts - Page 66
The Cryptomining Attack Campaign of Mars Stealer Targets OpenOffice
Attacks using the popular Mars Stealer have been on the rise, according to researchers. Its popularity grew after the Raccoon Stealer was shut down abruptly, as some attackers turned to it as an alternative. The Campaign: Morphisec discovered a scheme…
New Android Spyware Discovered with C2 Server Linked to Turla Hackers
An Android spyware application was discovered that poses as a “Process Manager” service to capture sensitive data from affected devices. The software, which has the package name “com.remote.app,” establishes communication with a remote command-and-control server, 82.146.35[.]240, which was previously recognized as…
Crypto Phishing Scam carried out as a result of a breach in Mailchimp’s system
On Monday, Mailchimp, an email marketing service, disclosed a data breach in which an internal tool was compromised and then used to gain unauthorised access to customer accounts and to carry out phishing attacks. Bleeping Computer was the first to report this…
The Beastmode DDoS Botnet is enslaving more routers by exploiting new TOTOLINK bugs
Between February and March 2022, a variant of the Mirai botnet known as Beastmode was observed using recently reported vulnerabilities in TOTOLINK routers to infect unpatched units and grow its reach substantially. “The Beastmode Mirai-based DDoS campaign has rapidly updated…
Apple device used for stalking
Police arrested a 19-year-old Tennessee man for stalking his partner using an Apple Watch attached to the wheel of the partner’s car. According to an affidavit, police became aware of the stalking after a security officer at a local family…
Brokenwire Hack Prevents Charging of Electric Vehicles
Researchers from the University of Oxford in the United Kingdom and Switzerland’s Armasuisse federal agency have discovered a new attack method for remotely interrupting the charging of electric vehicles. The Brokenwire attack entails wirelessly transmitting malicious signals to the targeted…
SQL injection protection in ImpressCMS could be evaded to execute RCE
Vulnerabilities found in ImpressCMS can allow an unauthorised attacker to circumvent the software’s SQL injection safeguards and achieve remote code execution (RCE), according to a security researcher. The vulnerabilities, CVE-2021-26599, an SQL injection flaw and an access control…
VMware Horizon servers continue to be exploited through Log4j vulnerability
Attackers continue to target VMware Horizon servers, which many organizations use to securely access enterprise apps for remote workers. Attackers are exploiting the critical Apache Log4j remote code execution vulnerability that came to the fore in December 2021. Sophos researchers…
Malware infects computers with cryptocurrency miners
An unknown threat actor has been employing a “complex and powerful” malware loader to deploy cryptocurrency miners on affected systems and possibly enable the theft of Discord tokens. “The evidence found on victim networks appears to indicate that the…