16 Sep 2021

New Go malware Capoae targets WordPress installs, Linux systems

A new strain of malware called Capoae was publicized earlier this week by security research firm Akamai. The firm stated that the new malware is written in the Golang programming language, which is becoming increasingly popular among threat actors due to its cross-platform capabilities. The malware spreads through known vulnerabilities

13 Sep 2021

SOVA, Worryingly Sophisticated Android Trojan, Takes Flight

A new Android banking trojan referred to as SOVA is currently under active development, according to researchers. The malware is reportedly looking to incorporate several tools into its arsenal, including ransomware functionality, distributed denial of service, and man in the middle. The banking trojan already boasts functions such as banking

25 Aug 2021

FBI Issues Ransomware Group Flash Alert

The FBI recently released a flash warning due to the recent activities of an organized cyber-criminal gang referred to as the OnePercent Group. In the alert, which was published on Monday, the FBI stated that the group has been targeting US companies since November 2020. OnePercent uses the threat emulation

25 Aug 2021

Custom WhatsApp Build Delivers Triada Malware

On Tuesday, Kaspersky released a report warning of the Triada trojan targeting mobile devices with an advertising SDK. The latest version of the malware was found buried inside an advertising component of a modified version of WhatsApp, a popular messenger, called FM WhatsApp. The malware is very persistent and was

04 Aug 2021

Iranian APT Lures Defense Contractor in Catfishing-Malware Scam

A new campaign using catfishing techniques with fake aerobics-instructor profiles has been discovered in a supply-chain attack attempt originating from an Iranian APT, TA456. The threat actors created convincing profiles of objectively attractive women to charm victims into downloading malware. According to a new report from Proofpoint, the campaign allegedly

04 Aug 2021

New Raccoon Stealer Campaign Underscores an Evolving Threat

Sophos researchers have detailed a new Raccoon Stealer campaign that underscores the evolution of the information-stealer. According to Sophos, the Raccoon Stealer has been distributed through a dropper campaign with the goal of stealing cryptocurrencies, cookies, and other valuable information located on target machines. Researchers confirmed that the campaign had

22 Jul 2021

NPM Package Steals Passwords via Chrome’s Account-Recovery Tool

A new widespread software supply-chain attack has been discovered by researchers, this time consisting of a password stealer harvesting credentials from Chrome on Windows systems via a tool called ChromePass. According to researchers, the campaign was discovered after professionals caught the malware stealing credentials, listening for incoming commands from the

21 Jul 2021

This new password-stealing Windows malware is distributed via ads for cracked software

Cybersecurity company Bitdefender has discovered a new form of malware that is delivered to victims via advertisements that appear in search results. Bitdefender states that the malware is being used as a gateway for attackers to steal passwords, deliver additional malware, and install cryptocurrency miners. The malware targets Windows devices

08 Jul 2021

MacOS Targeted in WildPressure APT Malware Campaign

Compromised WordPress websites have been enlisted by threat actors in a campaign targeting macOS users. WildPressure is the group of threat actors that have added a macOS malware variant to their campaign targeting energy sector businesses. Compromised WordPress websites are being utilized to carry out attacks. Novel malware, named Milum,

08 Jul 2021

Scammers exploiting Kaseya ransomware attack to deploy malware

A phishing campaign that claims to offer a security update for Kaseya’s VSA software is actually attempting to install malware. The ransomware attack against IT firm Kaseya is being taken advantage of by cybercriminals. Cybercriminals are deploying spam to infect computers with Cobalt Strike-delivered malware. The phishing email sent claims
