Purple Fox malware operators have expanded their malware arsenal and now possess a new variant of the remote access trojan FatalRAT. At the same time, the operators have improved their evasion capabilities to bypass security software. “Users’ machines are…
Latest posts - Page 67
Attacks targeting Android and iPhone users for stealing cryptocurrency uncovered
Researchers have uncovered a malicious scheme mainly directed towards Chinese users via fake apps on Android and iOS that resemble genuine digital wallet services to steal cryptocurrency funds. “These malicious apps were able to steal victims’ secret seed phrases by…
Azure developers targeted by more than 200 malicious NPM packages
A new massive supply chain attack targeting Azure developers for stealing personal information has deployed more than 218 malicious NPM packages. “After manually inspecting some of these packages, it became apparent that this was a targeted attack against the entire…
BitRAT Spreads as Windows 10 license activator over the Internet as a cheap and elusive
Analysts from AhnLab, a company specializing in cybersecurity, revealed the spread of a new but already known virus called BitRAT. What is BitRAT? BitRAT, a malware classified as a Remote Access Trojan (RAT), is being distributed to users looking to…
A New Backdoor and a Unique Attack Chain – Slithering Serpent
A new email campaign attacking French entities uses a highly evasive attack chain. The phishing campaign is installing a new backdoor named Serpent. Initial details The sophisticated threat actor is leveraging a unique amalgamation of open-source software, which is a…
Botnet Malware jeopardises over 2,00,000 MikroTik routers
MikroTik’s vulnerable routers have been used in one of the largest botnet-as-a-service cybercrime operations, according to cybersecurity researchers. Avast published a new piece of research that states a cryptocurrency mining attack using the now-disrupted Glupteba botnet and the infamous TrickBot…
New Browser-in-the-Browser (BITB) Attack Makes Phishing Nearly Undetectable
Can web browsers protect us, even if it is HTTPS? Maybe yes, but not against the novel BitB attack, which fools us with a fake popup SSO window to phish the credentials for Google, Facebook, and Microsoft. Before clicking willy-nilly on…
Gh0stCringe Targets Weakly Configured Microsoft SQL, MySQL Servers
Researchers have identified that the actors behind the Gh0stCringe remote access trojan are targeting Microsoft SQL and MySQL database servers. Gh0stCringe, which is thought to have been active since 2018, is a known variant of Gh0st RAT malware. A recent report…
Dell BIOS bugs impact millions of Inspiron, Vostro, XPS, Alienware systems.
Five new vulnerabilities have been found in Dell BIOS; if the vulnerabilities are successfully exploited, code can be executed on the systems remotely. The Dell vulnerability is another firmware vulnerability recently uncovered in Insyde Software’s InsydeH2O and HP Unified Extensible Firmware…
iPhone feature being used in “CryptoRom” scam
Social engineering attacks have been using romantic traps and cryptocurrency tricks to lure victims into installing duplicate apps. These attacks use legitimate iOS features like TestFlight and Web Clips to get into the system. Sophos, a cybersecurity company, has called…