July 15, 2019 Threat Actors Could Abuse iOS URL Scheme to Undermine User Privacy 2 min read - Threat actors could abuse the iOS URL Scheme to undermine user privacy and stage other attacks with respect to certain vendors' apps.
July 15, 2019 Weekly Security News Roundup: Zero-Day Vulnerability Exploited in Buhtrap Attack Campaign 3 min read - Last week, security researchers identified a zero-day vulnerability that was instrumental in a targeted attack against companies in Eastern Europe.
July 10, 2019 Zoom Vulnerability Could Let Third Parties Take Over Webcams 2 min read - A zero-day Zoom vulnerability could allow third parties to snoop on videoconferencing calls, reactivate uninstalled apps and conduct other malicious activities.
July 10, 2019 Astaroth Attack Infects Windows Machines Via Living-Off-the-Land Techniques 2 min read - An Astaroth attack leveraged only living-off-the-land techniques to run the backdoor directly in memory on Windows machines.
July 9, 2019 More Than 17,000 Samples of Anubis Android Malware Found on Two Related Servers 2 min read - Security researchers uncovered more than 17,000 samples of Anubis Android malware stored on two related servers.
July 9, 2019 TA505 Delivers New Gelup Malware Tool, FlowerPippi Backdoor Via Spam Campaign 2 min read - Researchers observed the TA505 threat group using spam campaigns to deliver two new payloads: the Gelup malware tool and the FlowerPippi backdoor.
July 3, 2019 Godlua Backdoor Capable of Performing DDoS Attacks 2 min read - Both versions of the Godlua backdoor, discovered in late April, are capable of performing distributed denial-of-service (DDoS) attacks, according to a new report.
July 2, 2019 Phishing Attacks Incorporate QR Codes to Help Evade URL Analysis 2 min read - Security researchers noticed fraudsters incorporating QR codes into various phishing attack campaigns as a way to evade URL analysis.
July 1, 2019 Attack Campaign Leverages B2B Site to Distribute New Spelevo Exploit Kit 2 min read - A recent attack campaign leveraged a business-to-business (B2B) website to distribute a new exploit kit named Spelevo.
July 1, 2019 Attackers Disperse Cryptocurrency-Mining Malware via a Golang-Based Spreader < 1 min read - Threat actors launched an attack campaign that uses a Golang-based spreader to distribute cryptocurrency-mining malware, according to researchers.