Malware

SpyNote Android Malware Infections Surge Following Leak of CypherRat Source Code

While no official statement has been released as to how the malware variants are spreading, it can be assumed that they are likely spreading through phishing campaigns and malicious websites. At the enterprise level, the best course of action to protect against this malware would be to educate end users on the best practices to take when browsing the internet, to verify application legitimacy, and to read application reviews prior to installation. Applications…


Bitdefender Releases Decryptor for MegaCortex Ransomware

MegaCortex was first discovered in 2019 and was observed targeting corporate networks with attacks that included adjustable ransom demands based on the companies that were attacked and the amount of data stolen. In October 2021, officials arrested 12 individuals related to thousands of MegaCortex and LockerGoga ransomware attacks. Along with the arrests, authorities discovered the private keys used in attacks, which led to Bitdefender releasing the decryptor for the LockerGoga ransomware. Bitdefender did not release…


Rackspace: Customer Email Data Accessed in Ransomware Attack

Since discovering the attack on December 2 and confirming the resulting outage was caused by a ransomware attack, Rackspace has been offering affected customers free licenses to migrate their email from its Hosted Exchange platform to Microsoft 365. The cloud computing provider also provided affected customers with download links to recovered historic mailbox data (containing email messages before December 2) through its customer portal via an automated queue. Rackspace added that its Hosted Exchange environment…


Many of 13 New Mac Malware Families Discovered in 2022 Linked to China

More than a dozen new Mac malware families were discovered in 2022, including information stealers, cryptocurrency miners, loaders, and backdoors, and many of them have been linked to China. Mac security expert Patrick Wardle has compiled a list of the macOS malware that came to light over the course of last year. The number of new malware families appears to be increasing, as only eight new families were spotted in 2021. The first malware to emerge…


14 UK schools suffer cyberattack, highly confidential documents leaked

More than a dozen schools in the UK have suffered a cyberattack which has led to highly confidential documents being leaked online by cybercriminals. That’s according to a report from the BBC which claimed that children’s SEN information, child passport scans, staff pay scales and contract details have been stolen by notorious cybercrime group Vice Society, known for disproportionately targeting the education sector with ransomware attacks in the UK and other countries. Passport, contract data…


Twitter’s mushrooming data breach crisis could prove costly

Since Elon Musk purchased Twitter in late October, non-stop turmoil and controversy have dogged the company, from massive staff firings and resignations to reputational damage from Musk’s careless and often bizarre tweets. Now, mushrooming concern around a possible data breach stemming from a now-fixed Twitter flaw is poised to drive the company further down unless Twitter takes quick action. Even as regulators in Europe begin to probe what appears to be a massive Twitter data…


Banking Trojan apocalypse: how hackers are stealing millions

Several weeks ago, I received a phone call from my friend who is a business owner and works in the cargo industry. He informed me that US$24,000 had vanished from his bank account during the previous night. The bank customer care team could not assist and suggested that my friend file a report with the police. The funds were transferred using a mobile app. The transaction was verified via a text message and appeared to…


Attackers create 130K fake accounts to abuse limited-time cloud computing resources

A group of attackers is running a cryptomining operation that leverages the free or trial-based cloud computing resources and platforms offered by several service providers including GitHub, Heroku, and Togglebox. The operation is highly automated using CI/CD processes and involves the creation of tens of thousands of fake accounts and the use of stolen or fake credit cards to activate time-limited trials. Researchers from Palo Alto Networks’ Unit 42 have dubbed the group Automated Libra…


Toyota Customers’ Personal Information Potentially Exposed in GitHub Repository

Although Toyota does not believe data was accessed by an unauthorized party, it is still recommended that those customers remain vigilant for the time being. Since email addresses were included with other exposed data, affected individuals are more vulnerable to scams and phishing attempts. If emails from unknown senders are received, they should not be interacted with. Unusual emails, emails involving payments, or emails involving sign-in links to high value accounts from trusted counterparties should…


Hackers Abuse Windows Error Reporting Tool to Deploy Malware

It is highly recommended to implement and maintain email security controls, including the ability to block certain file attachments. ISO files have become extremely popular among threat actors as a way to initially get malware onto the system while also evading defenses. In this campaign, the threat actors attach the ISO directly to a phishing email received by the end user. By being able to block incoming emails that contain ISO (or IMG) attachments,…
