Xenomorph Android trojan has been observed distributed via the official Google Play Store targeting 56 European banks. Researchers from ThreatFabric have spotted a new Android banking trojan, dubbed Xenomorph, distributed via the official Google Play Store that has over 50,000 installations. The banking Trojan was used to target 56 European banks and steal sensitive information from […]
Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data. Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data without knowing the private key used by the gang to encrypt files. The Hive ransomware operation has been active […]
The Threat Report Portugal: Q4 2021 compiles data collected on the malicious campaigns that occurred from October to December, Q4, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-InformĂĄtica. This feed is based on automatic searches and is also supported […]
The FBI warned US organizations and individuals are being increasingly targeted in BECattacks on virtual meeting platforms The Federal Bureau of Investigation (FBI) warned this week that US organizations and individuals are being increasingly targeted in BEC (business email compromise) attacks on virtual meeting platforms. Business Email Compromise/Email Account Compromise (BEC/EAC) is a sophisticated scam that […]
Threat actors have stolen and flipped high-valued NFTs from the users of the world’s largest NFT exchange, OpenSea. The world’s largest NFT exchange, OpenSea on Sunday confirmed that tens of some of its users have been hit by a phishing attack and had lost valuable NFTs worth $1.7 million. The phishing attack was confirmed by […]
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. CISA compiled a list of free cybersecurity tools and services White House and UK […]
The Conti ransomware group takes over TrickBot malware operation and plans to replace it with BazarBackdoor malware. TrickBot operation has arrived at the end of the journey, according to AdvIntel some of its top members move under the Conti ransomware gang, which is planning to replace the popular banking Trojan with the stealthier BazarBackdoor. TrickBot is […]
The White House has linked the recent DDoS attacks against Ukraine ‘s banks and defense agencies to Russia’s GRU. The White House has linked the recent DDoS attacks that took offline the sites of banks and defense agencies of Ukraine to Russia’s Main Directorate of the General Staff of the Armed Forces (aka GRU). This […]
Iran-linked TunnelVision APT group is actively exploiting the Log4j vulnerability to deploy ransomware on unpatched VMware Horizon servers. Researchers from SentinelOne have observed the potentially destructive Iran-linked APT group TunnelVision is actively exploiting the Log4j vulnerability to deploy ransomware on unpatched VMware Horizon servers. TunnelVision’s TTPs overlap with the ones associated with Iran-linked nation-state actors Phosphorus, Charming Kitten […]
Qualys experts found a new Linux privilege escalation vulnerability, tracked as CVE-2021-44731, in Canonical’s Snap Package Manager. Canonical’s Snap software packaging and deployment system are affected by multiple vulnerabilities, including a privilege escalation flaw tracked as CVE-2021-44731 (CVSS score 7.8). Snap is a software packaging and deployment system developed by Canonical for operating systems that use the Linux […]