Google’s Rust belts bugs out of Android, helps kill off unsafe code substantially
Memory safety flaws used to represent 76% of 'droid security holes. Now they account for 24% Google says its effort to prioritize memory-safe software development over the past six years has substantially reduced the number of memory safety vulnerabilities in its...
Necro malware continues to haunt side-loaders of dodgy Android mods
11M devices exposed to trojan, Kaspersky says The Necro trojan is once again making a move against Android users, with up to eleven million individuals thought to be exposed to infected apps.…
Google splats device-hijacking exploited-in-the-wild Android kernel bug among others
And Qualcomm addresses 'permanent denial of service' flaw in its stuff Google released 46 fixes for Android in its August security patch batch, including one for a Linux kernel flaw in the mobile OS that can lead to remote code execution (RCE).…
CapraRAT Spyware Disguised as Popular Apps Threatens Android Users
The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest. "These APKs continue the group's trend of embedding spyware into curated video browsing...
Windows: Insecure by design
Windows: Insecure by design Go to Source Get your hands off my computer, Microsoft! Opinion I've been pointing out Windows security bugs since Windows for Workgroups showed up in 1992 and I showed how you could steal data from your...
Government workers are being told to immediately update their Pixel phones to patch a serious exploit
The US government has issued a dire warning to employees with Pixel phones, mandating a security update by July 4, as originally reported by Forbes. This is due to a high-severity firmware vulnerability within the Android operating system that could open up devices to...
Oyster Backdoor Spreading via Trojanized Popular Software Downloads
Oyster Backdoor Spreading via Trojanized Popular Software Downloads Go to Source A malvertising campaign is leveraging trojanized installers for popular software such as Google Chrome and Microsoft Teams to drop a backdoor called...
Singapore Police Extradites Malaysians Linked to Android Malware Fraud
The Singapore Police Force (SPF) has announced the extradition of two men from Malaysia for their alleged involvement in a mobile malware campaign targeting citizens in the country since June 2023. The unnamed individuals, aged 26 and 47, engaged in scams that tricked...
Arid Viper Launches Mobile Espionage Campaign with AridSpy Malware
The threat actor known as Arid Viper has been attributed to a mobile espionage campaign that leverages trojanized Android apps to deliver a spyware strain dubbed AridSpy. "The malware is distributed through dedicated websites impersonating various messaging apps, a...
Pakistan-linked Malware Campaign Evolves to Target Windows, Android, and macOS
Threat actors with ties to Pakistan have been linked to a long-running malware campaign dubbed Operation Celestial Force since at least 2018. The activity, still ongoing, entails the use of an Android malware called GravityRAT and a Windows-based malware loader...
In Other News: TikTok Zero-Day, DMM Bitcoin Hack, Free VPN App Analysis
Noteworthy stories that might have slipped under the radar: TikTok patches account hijacking zero-day, $300 million DMM Bitcoin hack, free Android VPN apps analyzed. The post In Other News: TikTok Zero-Day, DMM Bitcoin Hack, Free VPN App Analysis appeared first on...
Cybercrooks get cozy with BoxedApp to dodge detection
Some of the biggest names in the game are hopping on the trend Malware miscreants are increasingly showing a penchant for abusing legitimate, commercial packer apps to evade detection.…
The Next Generation of RBI (Remote Browser Isolation)
The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in...
Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine
A new sophisticated cyber attack has been observed targeting endpoints geolocated to Ukraine with an aim to deploy Cobalt Strike and seize control of the compromised hosts. The attack chain, per Fortinet FortiGuard Labs, involves a Microsoft Excel file that carries an...
37 Vulnerabilities Patched in Android
Android’s June 2024 security update resolves 37 vulnerabilities, including high-severity flaws in Framework and System. The post 37 Vulnerabilities Patched in Android appeared first on SecurityWeek.
DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks
Cyber attacks involving the DarkGate malware-as-a-service (MaaS) operation have shifted away from AutoIt scripts to an AutoHotkey mechanism to deliver the last stages, underscoring continued efforts on the part of the threat actors to continuously stay ahead of the...
Telegram Combolists – 361,468,099 breached accounts
In May 2024, 2B rows of data with 361M unique email addresses were collated from malicious Telegram channels. The data contained 122GB across 1.7k files with email addresses, usernames, passwords and in many cases, the website they were entered into. The data appears...
Authorities Ramp Up Efforts to Capture the Mastermind Behind Emotet
Law enforcement authorities behind Operation Endgame are seeking information related to an individual who goes by the name Odd and is allegedly the mastermind behind the Emotet malware. Odd is also said to go by the nicknames Aron, C700, Cbd748, Ivanov Odd, Mors,...
Identities of Cybercriminals Linked to Malware Loaders Revealed
Law enforcement reveals the identities of eight cybercriminals linked to recently disrupted malware loaders. The post Identities of Cybercriminals Linked to Malware Loaders Revealed appeared first on SecurityWeek.
Andariel Hackers Target South Korean Institutes with New Dora RAT Malware
The North Korea-linked threat actor known as Andariel has been observed using a new Golang-based backdoor called Dora RAT in its attacks targeting educational institutes, manufacturing firms, and construction businesses in South Korea. "Keylogger, Infostealer, and...
Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware
Fake web browser updates are being used to deliver remote access trojans (RATs) and information stealer malware such as BitRAT and Lumma Stealer (aka LummaC2). "Fake browser updates have been responsible for numerous malware infections, including those of the...
Microsoft and ARM: A Rocky Romance A Decade in the Making
Microsoft and ARM: A Rocky Romance A Decade in the Making Go to Source “Microsoft announces new Surface devices! Their light form factor blends the experience of a traditional laptop with a tablet. A new Windows version, specially...
Law enforcement task force shuts down six malware droppers
An international law enforcement task force has disrupted the infrastructure behind six malware droppers, malicious programs that play a key role in hacking campaigns. Europol, which led the task force, announced the development today. The effort included hundreds of...
International Malware Takedown Seized 100+ Servers
‘Operation Endgame’ is an ongoing effort to disrupt botnets, malware droppers and malware-as-a-service.
Mystery miscreant remotely bricked 600,000 SOHO routers with malicious firmware update
Source and motive of 'Pumpkin Eclipse' assault unknown Unknown miscreants broke into more than 600,000 routers belonging to a single ISP late last year and deployed malware on the devices before totally disabling them, according to security researchers.…
This Week in Security: Operation Endgame, Appliance Carnage, and Router Genocide
This week saw an impressive pair of takedowns pulled off by law enforcement agencies around the world. The first was the 911 S5 botnet, Which the FBI is calling “likely the world’s largest botnet ever”. Spreading via fake free VPN services, 911 was actually a massive...
Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers
Over 600,000 SOHO routers belonging to a single ISP and infected with the Chalubo trojan were rendered inoperable. The post Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers appeared first on SecurityWeek.
CISA Warns of Exploited Linux Kernel Vulnerability
CISA instructs federal agencies to mitigate CVE-2024-1086, a Linux kernel flaw leading to privilege escalation. The post CISA Warns of Exploited Linux Kernel Vulnerability appeared first on SecurityWeek.
Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting
The Russian GRU-backed threat actor APT28 has been attributed as behind a series of campaigns targeting networks across Europe with the HeadLace malware and credential-harvesting web pages. APT28, also known by the names BlueDelta, Fancy Bear, Forest Blizzard,...
Intel’s Anti-Upgrade Tricks Defeated With Kapton Tape
If you own an Intel motherboard with a Z170 or Z270 chipset, you might believe that it only supports CPUs up to Intel’s 7th generation, known as Kaby Lake. Even the CPU socket’s pinout is different in the next generation — we are told, it will fit the same socket, but...