Osiris banking trojan shuts down as new Ares variant emerges
The creator of the Osiris banking trojan has shut down its operation in March, citing a lack of interest for banking trojans in the cybercriminal underground.
Rare new Windows rootkit spotted in Chinese APT attacks
In a report published today, security firm Kaspersky said it discovered a rare new Windows rootkit that has remained undetected since at least 20018 and has been deployed in some highly targeted attacks.
Malware group leaks millions of stolen authentication cookies
For weeks, Bob Diachenko, Cyber Threat Intelligence Director at security firm Security Discovery, has been trying to convince a cloud provider to intervene and take down a malware group’s server that was leaking hundreds of thousands of stolen passwords and millions of authentication cookies.
GitHub to review its exploit-hosting policy in light of recent scandal
Code-hosting platform GitHub has asked the infosec community to provide feedback on a series of proposed changes to the site’s policies that dictate how its employees will deal with malware and exploit code uploaded to its platform.
QNAP warns of AgeLocker ransomware attacks against NAS devices
Taiwanese hardware vendor QNAP said today that its network-attached storage (NAS) devices are under attack by a ransomware operation known as AgeLocker.
Security firm Kaspersky believes it found new CIA malware
Cybersecurity firm Kaspersky said today it discovered new malware that appears to have been developed by the US Central Intelligence Agency.
Apple patches Gatekeeper bypass bug abused by malware gang
On Monday, Apple has released macOS Big Sur 11.3 with a security fix for a vulnerability that was being abused by a malware gang to bypass the operating system’s security checks.
Despite arrests in Spain, FluBot operations explode across Europe and Japan
Cyber-security agencies in Germany and the UK warned the general public this month about a spike in SMS spam messages spreading the Flubot Android malware.
Password manager Passwordstate hacked to deploy malware on customer systems
A mysterious threat actor has compromised the update mechanism of enterprise password manager application Passwordstate and deployed malware on its users’ devices, most of which are enterprise customers.
Sysrv: A new crypto-mining botnet is silently growing in the shadows
If you forget to update or properly secure an internet-connected server or web app, the chances are that a crypto-mining botnet will infect it first, long before any nation-state hacking group. Crypto-mining botnets have been a plague on the internet for the past three years, and despite the space being more than saturated, new botnets are being built and discovered on a re.gular basis, driven mainly by cybercriminals’ unquenched thirst for easy money.