malware

Mobile Security

Issued by: Security Affairs

The author of the Xenomorph Android malware, the Hadoken Security Group, continues to improve their malicious code. In February 2022, researchers from ThreatFabric first spotted the Xenomorph malware, which was distributed via the official Google Play Store reaching over 50,000 installations. The banking Trojan was used to target 56 European banks and steal sensitive information…

Malware & Threats

Issued by: The Hacker News

A suspecting China-linked hacking campaign has been observed targeting unpatched SonicWall Secure Mobile Access (SMA) 100 appliances to drop malware and establish long-term persistence. “The malware has functionality to steal user credentials, provide shell access, and persist through firmware upgrades,” cybersecurity company Mandiant said in a technical report published this week. The Google-owned incident response…

Malware & Threats

Issued by: Dark Reading

A proof-of-concept, artificial intelligence (AI)-driven cyberattack that changes its code on the fly can slip past the latest automated security-detection technology, demonstrating the potential for creating undetectable malware. Researchers from HYAS Labs demonstrated the proof-of-concept attack, which they call BlackMamba, which exploits a large language model (LLM) — the technology on which ChatGPT is based…

Malware & Threats

Issued by: DataBreach Today

A Russian national accused by U.S. federal prosecutors of developing an application for decrypting login credentials pleaded not guilty during a first appearance in Tampa federal court. The man, Dariy Pankov – also known as “dpxaker” – faces seven criminal counts including conspiracy, access device fraud and computer fraud. On Wednesday in the courthouse for…

News

Issued by: Security Week

In a statement published last week on its website, the hosting giant said a small number of customers complained in early December 2022 about their websites being intermittently redirected. An analysis showed the redirects occurring on apparently random sites hosted on GoDaddy’s cPanel shared hosting services. The redirects were difficult to reproduce. Further analysis revealed…

Network Security

Issued by: CSO Online

Machine learning (ML) is a commonly used term across nearly every sector of IT today. And while ML has frequently been used to make sense of big data—to improve business performance and processes and help make predictions—it has also proven priceless in other applications, including cybersecurity. This article will share reasons why ML has risen…

Software Security

Issued by: CSO Online

The last year saw a rise in the sophistication and number of attacks targeting industrial infrastructure, including the discovery of a modular malware toolkit that’s capable of targeting tens of thousands of industrial control systems (ICS) across different industry verticals. At the same time, incident response engagements by industrial cybersecurity firm Dragos showed that 80%…

Malware & Threats

Issued by: Security Week

The seven individuals are being blamed for a series of major ransomware attacks targeting organizations in the US and the United Kingdom and the Treasury Department said it has information linking the hacking group to Russian intelligence services. “Current members of the Trickbot Group are associated with Russian Intelligence Services. The Trickbot Group’s preparations in…

Malware & Threats

Issued by: CSO Online

Researchers warn that a new threat actor has been targeting over a thousand organizations since October with the goal of deploying credential-stealing malware. The attack chain also involves reconnaissance components including a Trojan that takes screenshots of the desktops of infected computers. Tracked as TA866 by researchers from security firm Proofpoint, the group’s tooling seems…