In April, Cisco Talos observed a new threat actor named Rocke using western and Chinese Git repositories to deliver cryptomining malware to honeypots that were vulnerable to an Apache Struts vulnerability. Researchers detected Rocke conducting a similar campaign in July. In that operation, the threat actor communicated with an HTTP File Server (HFS) hosting 11 …
Google has recently acted tough to rid its app store of malware; however, it’s apparent there’s still some work to do. Symantec recently discovered seven previously removed rogue apps that resurfaced on Google Play simply by using a new publisher and new app names. The apps coming in new titles that masqueraded as productivity apps …
Researchers at Qihoo 360’s Core security unit say an advanced persistent threat (APT) group is using the IE vulnerability on a “global scale”, which is being delivered to select targets via malicious Office documents loaded with what it calls a “double-kill” vulnerability. Victims are required to open the Office document, which launches a malicious webpage …
After a four-year investigation, Europol announced it has arrested the suspected leader of a crime syndicate that stole $1.2 billion from over 100 banks in more than 40 countries using malware. According to Europol, the suspect was arrested by the Spanish National Police in Alicante, Spain, with support from the FBI, Romanian, Belarusian, and …
Many government and other websites were hijacked to mine the cryptocurrency Monero on Sunday. A list of affected websites can be viewed here: Texthelp Browsealoud security issue. The malicious code was first spotted by UK-based infosec consultant Scott Helme, and confirmed by The Register. He recommended webmasters try a technique called SRI – Subresource Integrity – …
A new strain of point-of-sale (PoS) malware is disguising itself as a LogMeIn service pack to hide the theft of customer data. On Thursday, Forcepoint researchers Robert Neumann and Luke Somerville said in a blog post that a new malware family, dubbed UDPoS, attempts to disguise itself as legitimate services to avoid detection while transferring …
Users have long been warned that third-party Android apps might be hiding malware. But your hyper-vigilant download habits should extend beyond your smartphone. You need to keep an eye on your desktop Chrome extensions as well. As with Android apps, though, Chrome extensions can sometimes hide malware or other scourges, even …
Mirai malware and its many variants, which have targeted CPU architectures in the past, are now targeting the second most popular type of CPU core – ARC processors. Meet Mirai Okiru, the Mirai variant targeting ARC processors, which are embedded processors used in IoT, auto, mobile, TVs, cameras and a nearly endless list of products …
ESET researchers have uncovered a state-sponsored hacking operation targeting diplomats, using a new attack that bundles malware with a legitimate software update. The attacks are targeting embassies and consulates in eastern European post-Soviet states and have been attributed to Turla, a well-known advanced persistent threat group. The ESET research shows that in addition to bundling its backdoors …
Researchers have uncovered a campaign targeting organisations involved with next month’s Games in South Korea, with the aim of controlling infected machines. Hackers are targeting the upcoming Winter Olympics with a phishing and malware campaign directed at the organisations that provide infrastructure and other support for the Games. The campaign targets a number of organisations …