Android devices are being exploited by hackers with RATs
The threat actor behind the BlackRock and ERMAC Android banking trojans has unleashed yet another malware for rent called Hook that introduces new capabilities to access files stored on the devices and create a remote interactive session. ThreatFabric, in a report, characterized Hook as a novel ERMAC fork that’s advertised for sale for $7,000 per […]
Warning: Tainted VPNs are Distributing EyeSpy Monitoring Software
A compromised VPN installer is used to distribute surveillance software called EyeSpy as part of a malware campaign launched in May 2022. It uses “SecondEye’s component (a legitimate surveillance application) to spy on users of Iran-based VPN service, 20Speed VPN, via trojanized installers,” said Bitdefender in its analysis. The US Romanian cybersecurity firm added that […]
Permissions matter for SaaS Security – Why?
Earlier this year, attackers compromised Mailchimp, a popular SaaS email marketing platform. We examined over 300 Mailchimp customer accounts and exported audience data from 102 of them. The compromise was preceded by a successful phishing attempt that launched a malicious attack against an end-user of a Mailchimp customer. Three months later, Mailchimp suffered another attack. […]
Synology releases patch for critical RCE vulnerability affecting VPN Plus servers
Synology has released a security update to address a critical vulnerability in VPN Plus Server that could be used to take over an affected system. The vulnerability registered as CVE-2022-43931 has a maximum severity of 10 in the CVSS rating and was described as a write out of bounds error in the Remote Desktop feature […]
WhatsApp introduces proxy support to help users bypass internet censorship
Popular instant messaging service WhatsApp has introduced support for proxy servers in the latest versions of its Android and iOS apps. This allows users to avoid government-imposed censorship and internet shutdowns. “By choosing a proxy, he can connect to his WhatsApp through servers set up by volunteers and organizations around the world, allowing people to […]
Hackers use stolen banking information to trick victims into downloading BitRAT malware
A new malware campaign has been observed using sensitive information stolen from banks as bait in phishing emails to drop a remote access Trojan called BitRAT. An unknown attacker hijacked her IT infrastructure for a Colombian credit union and used the information to create a convincing decoy message to trick the victim into opening her […]
APT hackers use malicious Excel add-ins as an initial breach vector
Microsoft’s decision to block Visual Basic for Applications (VBA) macros by default in Office files downloaded from the Internet has prompted many attackers to improvise attack chains in recent months. Today, according to Cisco Talo, advanced persistent threat (APT) actors and the commodity malware family are increasingly using Excel extension files (.XLL) as their primary […]
The Era of Cyber Threat Information Sharing
We have spent 40 years protecting ourselves as individuals. We tried to trick and outsmart the cybercriminals, but when all our efforts failed, we thought of working with our peers to outnumber them. Cybercriminals don’t remake themselves every time. They have limited resources and limited budgets. So they use playbooks to attack a lot of […]
Google takes Gmail security to the next level with client-side encryption
Google announced Friday that client-side encryption for Gmail is in beta for workspace and education customers. This is part of an effort to secure emails sent through her web version of the platform. This development comes at a time when online privacy and data security concerns are at an all-time high, and is a welcome […]
Cyber Attack Prevention Checklist to Keep Your Business Safe & Secure From Hackers
[et_pb_section transparent_background=”off” allow_player_pause=”off” inner_shadow=”off” parallax=”off” parallax_method=”on” make_fullwidth=”off” use_custom_width=”off” width_unit=”off” custom_width_px=”1080px” custom_width_percent=”80%” make_equal=”off” use_custom_gutter=”off” fullwidth=”off” specialty=”off” admin_label=”section” disabled=”off”][et_pb_row make_fullwidth=”off” use_custom_width=”off” width_unit=”off” custom_width_px=”1080px” custom_width_percent=”80%” use_custom_gutter=”off” gutter_width=”3″ allow_player_pause=”off” parallax=”off” parallax_method=”on” make_equal=”off” parallax_1=”off” parallax_method_1=”on” parallax_2=”off” parallax_method_2=”on” parallax_3=”off” parallax_method_3=”on” parallax_4=”off” parallax_method_4=”on” admin_label=”row” disabled=”off”][et_pb_column type=”4_4″ disabled=”off” parallax=”off” parallax_method=”on”][et_pb_text background_layout=”light” text_orientation=”left” admin_label=”Text” use_border_color=”off” border_style=”solid” disabled=”off”] Cyber Security manages business risk during […]