Sextortion campaign uses Goontact spyware to target Android and iOS users
Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS...
News
Microsoft partnered with security firms to sinkhole the C2 used in SolarWinds hack
Microsoft and its partners have seized the primary domain used in the SolarWinds attack to identify the victims through sinkholing....
PyMICROPSIA Windows malware includes checks for Linux and macOS
Experts discovered a new Windows info-stealer, named PyMICROPSIA, linked to AridViper group that is rapidly evolving to target other platforms....
Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices
Experts reported flaws in Medtronic ’s MyCareLink Smart 25000 Patient Reader product that could be exploited to take control of...
Norwegian cruise company Hurtigruten was hit by a ransomware
Norwegian cruise company Hurtigruten disclosed a cyber attack that impacted its entire worldwide digital infrastructure. The Norwegian cruise company Hurtigruten...
Kaspersky researchers found 360,000 malicious files per day in 2020
Researchers at Kaspersky discovered an average of 360,000 new malicious files every day over the past 12 months – 18,000...
Threat profile: Egregor ransomware is making a name for itself
What is Egregor? Egregor ransomware is a relatively new ransomware (first spotted in September 2020) that seems intent on making...
NCSC: Be Cyber Aware, especially during the Christmas season
In early December, the National Cyber Security Centre, a UK-based cybersecurity body and a part of GCHQ, kicked off the next chapter...
Hackers Dropping Malware via Free WinZip Trial Popup Vulnerability
Researchers have discovered a critical security flaw in WinZip 24 that targets users with malware. WinZip trial popup vulnerability...
Russian hackers broke into the systems of the United States Department of the Treasury and Department of Commerce
The Russian Embassy in the United States has already called the accusations against Moscow baseless. They recalled that Vladimir Putin...
Kaspersky Security Bulletin 2020. Statistics
All statistics in this report are from the global cloud service Kaspersky Security Network (KSN), which receives information from components...
APKLab – Android Reverse Engineering WorkBench For VS Code
APKLab seamlessly integrates the best open-source tools: Apktool, Jadx, uber-apk-signer and more to the excellent VS Code so you can...
ToRat – A Remote Administation Tool Written In Go Using Tor As A Transport Mechanism And RPC For Communication
A Cross Platform Remote Administration tool written in Go using Tor as its transport mechanism currently supporting Windows, Linux, MacOS...
The Risky Business: Rapid7 Report Highlights Need for Improved Vulnerability Management Practices
Back in July, Rapid7 released its first-ever National / Industry / Cloud Exposure Report, otherwise known as “NICER.” This report...
SoReL-20M Sophos & ReversingLabs release 10 million disarmed samples for malware study
Sophos and ReversingLabs released SoReL-20M, a database containing 20 million Windows Portable Executable files, including 10M malware samples. Sophos and...
Apple addressed multiple code execution flaws in iOS and iPadOS
Apple addressed this week serious code execution vulnerabilities that affect its iOS and iPadOS mobile operating systems. Apple released security...
SolarWinds confirmes 18,000 customers may have been impacted
18,000 SolarWinds customers may have been impacted by the attack against its supply chain, the company said in a SEC filing....
SolarWinds advanced cyberattack: What happened and what to do now
Over the weekend we learned more about the sophisticated attack that compromised security firm FireEye, the US Treasury and Commerce...
A week in security (December 7 – December 13)
Last week on Malwarebytes podcast we talked to Doug Levin, founder of the K12 cybersecurity resource center and advisor to the...
Google’s Data Security: How Google Protects your Data from Cyber Threats?
The world is moving very fast towards technology and materialism. Subsequently, it has become increasingly difficult for people to shun...
Adaptive protection against invisible threats
Corporate endpoint security technologies for mid-sized companies struggle to surprise us with anything brand new. They provide reliable protection against...
WSMan-WinRM – A Collection Of Proof-Of-Concept Source Code And Scripts For Executing Remote Commands Over WinRM Using The WSMan.Automation COM Object
A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object.BackgroundFor background...
Stegseek – Worlds Fastest Steghide Cracker, Chewing Through Millions Of Passwords Per Second
Stegseek is a lightning fast steghide cracker that can be used to extract hidden data from files. It is built...
SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know
On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds...
