Researchers spotted a new variant of the UpdateAgent macOS malware dropper that was employed in attacks in the wild. Researchers from the Jamf Threat Labs team have uncovered a new variant of the UpdateAgent macOS malware dropper. The new version is written in Swift and relies on the AWS infrastructure to host its malicious payloads. […]
The U.S. Justice Department accused a 55-year-old Venezuelan cardiologist of operating and selling the Thanos ransomware. The U.S. Justice Department accused Moises Luis Zagala Gonzalez, a 55-year-old cardiologist from Venezuela, of operating and selling the Thanos ransomware. Thanos ransomware (a.k.a. Hakbit ransomware) has been developed by Nosophoros (aka Aesculapius, and Nebuchadnezzar), a threat actor offering for sale the malware […]
Experts spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data. Trend Micro researchers spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data from infected devices. The malicious apps are able to steal credentials, Facebook cookies, and other personally identifiable information. Some […]
US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-30525 RCE flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency added the recently disclosed remote code execution bug, tracked as CVE-2022-30525, affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk […]
Researchers spotted a threat actor using a custom PowerShell RAT targeting German users to gain intelligence on the Ukraine crisis. Malwarebytes experts uncovered a campaign that targets German users with custom PowerShell RAT targeting. The threat actors attempt to trick victims into opening weaponized documents by using the current situation in Ukraine as bait. The […]
Apple released security updates to address a zero-day bug actively exploited in attacks against Macs and Apple Watch devices. Apple has addressed a zero-day vulnerability, tracked as CVE-2022-22675, actively exploited in attacks aimed at Macs and Apple Watch devices. The flaw is an out-of-bounds write issue that resides in the AppleAVD, it can lead to […]
A 28-year-old Ukrainian national has been sentenced to four years in prison for selling access to hacked servers. Glib Oleksandr Ivanov-Tolpintsev, a 28-year-old Ukrainian national, has been sentenced to four years in prison for selling access to comprised servers on the dark web. The man was arrested in Poland in October 2020 and pleaded guilty […]
Researchers from threat intelligence firm Cyble analyzed the Eternity Project Tor website which offers any kind of malicious code. Researchers at cybersecurity firm Cyble analyzed a Tor website named named âEternity Project’ that offers for sale a broad range of malware, including stealers, miners, ransomware, and DDoS Bots. The experts discovered the marketplace during a […]
This post provides a timeline of the events related to Russia invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the ongoing Russia invasion that occurred in the previous weeks: May 14 – The LEGION collective calls to action to attack the final of the Eurovision song […]
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here. The LEGION collective calls to action to attack the final of the Eurovision song contest […]