July 10, 2019 Zoom Vulnerability Could Let Third Parties Take Over Webcams 2 min read - A zero-day Zoom vulnerability could allow third parties to snoop on videoconferencing calls, reactivate uninstalled apps and conduct other malicious activities.
July 10, 2019 Astaroth Attack Infects Windows Machines Via Living-Off-the-Land Techniques 2 min read - An Astaroth attack leveraged only living-off-the-land techniques to run the backdoor directly in memory on Windows machines.
July 9, 2019 More Than 17,000 Samples of Anubis Android Malware Found on Two Related Servers 2 min read - Security researchers uncovered more than 17,000 samples of Anubis Android malware stored on two related servers.
July 9, 2019 TA505 Delivers New Gelup Malware Tool, FlowerPippi Backdoor Via Spam Campaign 2 min read - Researchers observed the TA505 threat group using spam campaigns to deliver two new payloads: the Gelup malware tool and the FlowerPippi backdoor.
July 3, 2019 Godlua Backdoor Capable of Performing DDoS Attacks 2 min read - Both versions of the Godlua backdoor, discovered in late April, are capable of performing distributed denial-of-service (DDoS) attacks, according to a new report.
July 2, 2019 Phishing Attacks Incorporate QR Codes to Help Evade URL Analysis 2 min read - Security researchers noticed fraudsters incorporating QR codes into various phishing attack campaigns as a way to evade URL analysis.
July 1, 2019 Attack Campaign Leverages B2B Site to Distribute New Spelevo Exploit Kit 2 min read - A recent attack campaign leveraged a business-to-business (B2B) website to distribute a new exploit kit named Spelevo.
July 1, 2019 Attackers Disperse Cryptocurrency-Mining Malware via a Golang-Based Spreader < 1 min read - Threat actors launched an attack campaign that uses a Golang-based spreader to distribute cryptocurrency-mining malware, according to researchers.
June 27, 2019 Sodinokibi Ransomware Adds Malvertising and More Exploit Kits to Distribution Methods 2 min read - Sodinokibi ransomware affiliates have added malvertising campaigns to the growing list of attack vectors used to infect victims, according to reports.
June 19, 2019 Fake Android Apps Steal Cryptocurrency Credentials With 2FA Bypass Technique 2 min read - Security researchers discovered two malicious Android apps that leveraged a clever 2FA bypass technique to steal Turkish users' cryptocurrency credentials.