Security researchers recently spotted a new modular stealer written in .NET and capable of exfiltrating cryptocurrency wallets, including Atomic, Exodus, Ethereum, Jazz, Bitcoin, and Litecoin wallets. The malicious campaign, targeting Australia, Egypt, Germany, India, Indonesia, Japan, Malaysia, Norway, Singapore, South…
There’s a new ransomware family spotted in the wild. Called White Rabbit, the ransomware was noticed by Trend Micro researchers in silent attacks against a US bank in December 2021. It appears that the threat uses a page from the…
An authentication bypass vulnerability was recently identified and patched in Zoho Desktop Central and Desktop Central MSP. CVE-2021-44757: Authentication Bypass Vulnerability in Zoho Desktop Central Known as CVE-2021-44757, the flaw has now been addressed and released in the company’s latest…
There’s a solid win for law enforcement in the battle with cybercriminals. Apparently, according to an official Europol statement, law enforcement authorities took action against the criminal misuse of VPN services, as they targeted the users and infrastructure of VPNLab.net.…
According to a Chainanalysis report, North Korean hackers had a very successful 2021 year. As a result of launching at least seven large-scale attacks against cryptocurrency platforms, they made approximately $400 million worth of digital assets. Targets of the attacks…
Security researchers reported a new backdoor capable of targeting Windows, macOS, and Linux operating systems. SysJoker Backdoor Technical Overview Called SysJoker, the multi-platform malware is currently not detected by any of the security engines in VirusTotal. SysJoker was discovered by…
One of the latest malicious campaigns detected in the wild is taking advantage of the new Spiderman: No Way Home movie. SilentXMRMiner Hides in Spiderman Movie ReasonLabs researchers recently detected a Monero miner in a torrent download of the Spider-Man:…
Half a billion stolen credentials were discovered in a compromised cloud storage facility, according to the National Crime Agency’s National Cyber Crime Unit in the U.K. Since the data came from various sources and couldn’t be linked to a specific…
Meta, formerly Facebook, has filed a federal lawsuit in California court to disrupt phishing attacks, according to a company’s statement. Meta Files Lawsuit Against Phishing The purpose of the lawsuit is to fight phishing attacks that aim to obtain users’…
35,000 Java Packages Impacted by the Log4j Vulnerabilities Google says that more than 35,000 Java packages are currently impacted by the Log4j vulnerabilities, “with widespread fallout across the software industry.” This amounts to more than 8% of the Maven Central…
A new VMware vulnerability should be patched immediately to avoid any exploitation. CVE-2021-22057 in VMware Workspace ONE Access CVE-2021-22057 is a critical vulnerability in VMware Workspace ONE Access that specifically affects its two factor authentication (2FA) processing component. Currently, little…
Security researchers detected a new mass malware campaign associated with the previously known Manuscrpypt loader, which is part of Lazarus APT group arsenal. The discovery comes from Kaspersky’s Secure List. “Curiously, the data exfiltration channel of the malware uses an…
Phorpiex is a well-known malware that has been operating at least since 2016, initially known as a botnet using the IRC protocol. A couple of years later, the botnet’s infrastructure changed to Tldr – a loader controlled via HTTP. The…
Meta, formerly Facebook, is adding scraping attacks to its bug bounty program, according to a statement the company made. Scraping is an issue that Facebook has been struggling with in the past. Because of this, two areas of research for…
DarkWatchman is the name of a new JavaScript-based remote access trojan (RAT). Currently, the RAT is being distributed in the wild via malicious emails. The malware uses the domain generation algorithm (DGA) technique to identify its Command and Control (C2)…
Khonsari is a novel ransomware family currently attempting to exploit the critical Apache Log4j vulnerability, also known as CVE-2021-44228, Log4Shell and Logjam. Apache Log4j Vulnerability: CVE-2021-44228 According to the National Vulnerability Database, “Apache Log4j2
Censorship has reached another level in Russia with the country’s decision to fully ban access to the Tor network. In addition to Tor, six other virtual network providers (VPNs) were banned in an attempt to control the internet and prevent…
A cryptocurrency support scam bot that was discovered in May has now evolved. As a result, more cryptocurrency users are targeted. How Does the Cryptocurrency Support Scam Bot Operate? How does the scam operate? Scammers closely monitor all tweets that…
A new ransomware-as-a-service player has been detected by Recorded Future and MalwareHunterTeam on two underground forums. Known as ALPVH and BlackCat, the ransomware group is the first to use Rust, The Record reported. This is the third ransomware strain to…
What is the current state of identify fraud, and where is this cybercrime trend headed in 2022? The state of identity fraud According to a new report by Onfido, identity fraud has increased with 44% since 2019. Since more businesses…
