The ever-growing market value of cryptocurrency, now estimated at over $2.5 trillion, has been attracting cybercriminals over the years. The digital currency has been of great help in monetizing ransom payments, but has many more other sides that are lucrative…
What Is CronRAT? CronRAT is a new sophisticated malware threat of the remote access trojan type, discovered just before this year’s Black Friday. The malware is packed with previously unseen stealth capabilities. It hides in the Linux calendar system on…
CVE-2021-41379 is an elevation-of-privilege vulnerability which Microsoft fixed earlier this month. However, it turns out that there is another, “more powerful” variant, discovered by security researcher Abdelhamid Naceri. He came across a Windows Installer EoP flaw patched by Microsoft several…
Widely used Taiwanese MediaTek system-on-chips (SoCs) contain multiple vulnerabilities, according to Check Point researchers. The chips are deployed in approximately 37% of all smartphones and IoT devices worldwide, including models by Xiaomi, Oppo, Realme, Vivo. Widely Used MediaTek SoCs Contain…
Another enormous cybersecurity incident has hit domain registrar GoDaddy. The large-scale data breach is the fifth “injury” the company has had since 2018. This time, 1.2 million GoDaddy customers were affected, after an unauthorized third-party successfully infiltrated its systems on…
A new research reveals that approximately 6 million Sky routers were vulnerable to a DNS rebinding vulnerability that allowed a customer’s home network to be compromised from the internet. The discovery comes from Ten Pest Partners. The researchers didn’t announce…
A new phishing scam targeting TikTok users has been detected. The scammers’ purpose was to try to takeover more than 125 high-profile users accounts on the platform. This is believed to be the first major phishing attack on TikTok influencers.…
Has Emotet been resurrected? It seems that the notorious malware is back for Christmas. Months after the malware was dismantled by law enforcement, security researcher Luca Ebach sees signs of Emotet usage in the wild. His report indicates that TrickBot…
SharkBot is a new Android trojan (and botnet) capable of accessing various features on breached devices to obtain credentials related to banking and cryptocurrency platforms. Users in Italy, the U.K. and the U.S. have been targeted so far. The Android…
A recently conducted analysis sheds new light on website fingerprinting (WF) attacks on Tor. Website Fingerprinting Attacks on Tor According to a team of academics (Giovanni Cherubin of Alan Turing Institute, Rob Jansen of U.S. Naval Research Laboratory, and Carmela…
CVE-2021-34484 is a Microsoft security vulnerability, originally patched in August but now exploitable with a patch bypass. The vulnerability could allow local privilege escalation from a regular user to System. It was discovered by security researcher Abdelhamid Naceri. Related: Windows…
A new Linux wormable botnet has been observed in the wild. Called Abcbot, the threat is targeting “relatively new cloud service providers (CPSs) with cryptocurrency-mining malware and cryptojacking attacks,” according to Trend Micro’s findings. The malware deploys code that removes…
Security researchers from Cybereason shed new light into the workings of TrickBot. TrickBot and Shathak Threat Groups Join Forces According to the latest findings, the threat actors behind the TrickBot trojan, known as Wizard Spider, are currently working together with…
New Linux vulnerabilities discovered. Security researchers from jFrog and Claroty reported the discovery of 14 vulnerabilities in the BusyBox Linux utility. BusyBox Linux Vulnerabilities: from CVE-2021-42373 to CVE-2021-42386 What is BusyBox? BusyBox provides commands for embedded Linux environment within Android.…
Robinhood, the commission-free investing platform, has suffered an enormous data breach, according to a statement the company made. Related: Volkswagen Vendor Data Breach Exposed Details of 3.3 Million Customers Late in the evening of November 3, Robinhood experienced a data…
CVE-2021-43267 is a newly disclosed security vulnerability in the Linux Kernel’s Transparent Inter Process Communication (TIPC). The flaw can be exploited both locally and remotely, allowing for arbitrary code execution within the kernel. The result of this would be taking…
CVE-2021-1048 is a new zero-day vulnerability in Android that was fixed together with 38 other flaws in November 2021’s patch rollout. Apparently, the zero-day is being exploited in the wild. CVE-2021-1048 Kernel Zero-Day CVE-2021-1048 is a use-after-free issue in the…
Shrootless, or CVE-2021-30892, is a new, OS-level vulnerability that could allow threat actors to circumvent security restrictions, known as System Integrity Protection (SIP), in macOS to take over the device. Once this is done, hackers could perform various arbitrary operations…
Cybercriminals have been quite active in developing new malware samples and improving their malicious approaches. According to PurpleSec statistics, cybercrime activity throughout 2021 has been up 600% due to the COVID-19 pandemic. As a result, cybersecurity researchers have analyzed some…
A previously unknown malware loader was uncovered this week. Called Wslink, the tool has been described as “simple yet remarkable,” capable of loading malicious Windows binaries. The loader has been used in attacks against Central Europe, North America, and the…
