A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor dubbed MadMxShell. “The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged Google Ads to push these domains to the top of search engine results targeting specific search keywords, […]
We all know passwords and firewalls are important, but what about the invisible threats lurking beneath the surface of your systems? Identity Threat Exposures (ITEs) are like secret tunnels for hackers – they make your security way more vulnerable than you think. Think of it like this: misconfigurations, forgotten accounts, and old settings are like […]
Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines. “These applications are being hosted on Chinese pirating websites in order to gain victims,” Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said. “Once detonated, the malware will download and execute multiple payloads […]
Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster that’s known to use a backdoor referred to as KEYPLUG. The assessment comes jointly from SentinelOne, PwC, and the Microsoft Threat Intelligence team based on the fact that the adversary’s Lua-based malware LuaDream and […]
Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that’s designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and exfiltrate names, user IDs, contacts, phone numbers, and chat messages to an actor-controlled server. […]
Public Wi-Fi, which has long since become the norm, poses threats to not only individual users but also businesses. With the rise of remote work, people can now work from virtually anywhere: a cafe close to home, a hotel in a different city, or even while waiting for a plane at the airport. Next, let’s […]
The use of illegal software has been under circulation ever since there have been torrents and cracked software. Recent reports show that threat actors have been relying on cracked software to deploy HotRat malware into victims’ systems. HotRat malware is capable of stealing login credentials, cryptocurrency wallets, screen capturing, keylogging, and installing additional malware. Hackers […]
2022 was the year when inflation hit world economies, except in one corner of the global marketplace – stolen data. Ransomware payments fell by over 40% in 2022 compared to 2021. More organisations chose not to pay ransom demands, according to findings by blockchain firm Chainalysis. Nonetheless, stolen data has value beyond a price tag, […]
A recently discovered cyber espionage group dubbed Worok has been found hiding malware in seemingly innocuous image files, corroborating a crucial link in the threat actor’s infection chain. Czech cybersecurity firm Avast said the purpose of the PNG files is to conceal a payload that’s used to facilitate information theft. “What is noteworthy is data […]
Do you find reports of spy cams found in vacation rentals unsettling? Try these tips for spotting hidden cameras to put your worries to rest.
A threat cluster with ties to a hacking group called Tropic Trooper has been spotted using a previously undocumented malware coded in Nim language to strike targets as part of a newly discovered campaign. The novel loader, dubbed Nimbda, is “bundled with a Chinese language greyware ‘SMS Bomber’ tool that is most likely illegally distributed […]
As many as seven malicious Android apps discovered on the Google Play Store masqueraded as antivirus solutions to deploy a banking trojan called SharkBot. “SharkBot steals credentials and banking information,” Check Point researchers Alex Shamshur and Raman Ladutska said in a report shared with The Hacker News. “This malware implements a geofencing feature and evasion […]
A trip into the dark corners of Telegram, which has become a magnet for criminals peddling everything from illegal drugs to fake money and COVID-19 vaccine passes
The former Navy Nuclear engineer and his wife used a bubble gum package and peanut butter sandwich to hide SD card with sensitive data and sell it to undercover FBI agents. According to a press release from the US Department of Justice (DoJ), the FBI and the Naval Criminal Investigative Service (NCIS) collaborated to arrest […]
Mac computers often have hidden files that you can’t see. Find out the practical ways to find and view the articles with ease in this article. Macbooks often have files, directories, and folders in the system backend that maintain smooth functionalities. These files are sensitive and might cause severe system issues if the user alters, […]
The Whitehat hacker and IT security researcher Marcus Hutchins, who saved the world from the WannaCry ransomware attack, has shared simple yet useful tips on his TikTok detailing how you can detect hidden cameras in an Airbnb or a hotel room. There’s no doubt that the demand for home rental services like Airbnb is on […]
Another in our occasional series demystifying Latin American banking trojans
Many users ignore it, but by using their laptop camera or any other camera with a WiFi connection, their MAC address will become visible to anyone on the Internet. Also, network security experts from the International Institute of Cyber Security (IICS) mention that it is possible to detect multiple data from a user even if […]
ESET researchers reveal the modus operandi of the elusive InvisiMole group, including newly discovered ties with the Gamaredon group
Just a nice persistence trick to confuse DFIR investigation. Uses NtSetValueKey native API to create a hidden (null terminated) registry key. This works by adding a null byte in front of the UNICODE_STRING key valuename.More info about this technique can be found in the following whitepaper: https://github.com/ewhitehats/InvisiblePersistence/blob/master/InvisibleRegValues_Whitepaper.pdfThe tool uses the following registry path in which […]
It’s not just you, we all want to know why the Mac system takes up so much of space. I am curious about it, however, it could be life and death for users who are about fill up their macOS disk storage. Now, there are several ways to approach the situation — You can use […]