Security researchers based at security firm Black Lotus Labs recently discovered a new type of malware infecting enterprise-grade and small office routers to monitor data that passes through them and steal authentication information. To help facilitate this, the malware can perform DNS and HTTP hij
According to a recent report by Avast, a new malware campaign was discovered by the security firm’s researchers hijacking an eScan antivirus update mechanism to distribute backdoors and cryptocurrency mining malware. The malware is currently being tracked as GuptiMiner and has been seen dropping po
Banking trojan malware, namely malware designed to intercept a victim’s banking-related information, including login passwords, so that funds can be fraudulently stolen, is an ever-present danger for those using banking applications on mobile phones. Reminding us of this danger is the recent discov
According to a recently published article on Bleeping Computer, threat actors have compromised at least 2000 WordPress sites to push crypto malware onto unsuspecting visitors to the compromised sites. The crypto-related malware, often called a crypto drainer, is a type of malware that tricks the us
The Indian government announced that it had rescued 250 Indian citizens enslaved by a Cambodian cybercrime gang. The kidnapped Indians were forced to serve and commit cybercrimes. The short statement read as follows, We have seen media reports on Indian nationals stuck in Cambodia…Our Embas
In a recently published article by Netcraft, a new Phishing-as-a-Service (PhaaS) platform targeting iPhones via the iMessage application has been discovered. Named Darcula, the platform uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countrie
Security researchers at Trend Micro have discovered a DarkGate malware campaign using a vulnerability already patched in Windows Defender’s Smart Screen utility. Summarizing their discovery, they stated, The Zero Day Initiative (ZDI) recently uncovered a DarkGate campaign in mid-January 202
Several news outlets, including Reuters, have been covering a fair amount of exciting news regarding the BlackCat ransomware gang, also tracked as ALPHV by this publication. When this publication last covered BlackCat operations, they were seen exploiting both the Impacket and RemCom frameworks to
Following the announcement and subsequent patching of CVE-2024-1709, several security researchers have noted ransomware gangs have been seen trying to exploit the flaw. If the flaw is exploited, it allows an attacker to create admin accounts on Internet-exposed servers, delete all other users, and
According to the latest report published by Google's Threat Analysis Group (TAG), the rise of commercial surveillance vendors is driving zero-day vulnerability discovery, development, and exploitation. This poses significant risks to free speech, the free press, and the open internet. Commerci