Cybersecurity |
Sponsored by |
|
A financially motivated threat group called "Roaming Mantis" was seen targeting Android and iOS device users through malicious SMS communications. The messages sent Android phone users to download pages while iOS users were redirected to credential-stealing login pages. more
Agent Tesla, an infamous data stealer, has been plaguing Internet users since 2014. Much has been revealed about the malware, but the world didn't come to know about one of its more adept campaign perpetrators -- Hagga -- until last year. more
Months after TikTok launched its marketplace in September 2021, several users have raised concerns about the authenticity of the products they purchased. The complaints mainly pertain to beauty products, such as sunscreens, lip glosses, and makeup brushes. Aside from being ripped off, consumers may be exposed to more danger. more
A group of researchers recently discovered a new Android banking Trojan they called "Revive" since threat actors designed it to restart if it stops working. Once a device is infected, hackers can intercept messages, including online banking one-time passwords (OTPs). Revive also enables attackers to steal login credentials since it can read and store everything the user types on the infected device. more
Aoqin Dragon, like the mythical character it's named after, has recently been unearthed after nearly a decade of flying under the cybersecurity community's radar. Now believed to have been active since 2013, the advanced persistent threat (APT) group has targeted various organizations in the government, education, and telecommunications sectors. more
For US$2,500, threat actors can employ Matanbuchus, a malware-as-a-service (MaaS) package found delivering Cobalt Strike beacons through phishing and spam messages. Cobalt Strike is a powerful security tool that threat actors are increasingly using as a reconnaissance and post-exploitation weapon. more
Conti ransomware surfaced as far back as 2020. Believed to have been created by Russia-based cybercriminal group Wizard Spider, it has been involved in a multitude of double extortion campaigns over the years. more
As technology advances, so does the world of espionage. That has given birth to several companies, such as Cytrox, that specialize in creating spyware. Predator, along with other applications of its kind, has been advertised as legal spyware-for-hire. more
Two cyber threats recently caught the attention of WhoisXML API researchers, primarily since parts of their infection chain hide behind legitimate services. This tactic is tricky for security teams because blocking the domains involved means blocking legitimate applications, too. more
Cyber attackers typically use newly registered domains (NRDs) in their campaigns to evade detection, particularly since the implementation of privacy protection in WHOIS records. But some also use aged domains like the SolarWinds hackers to render a sense of legitimacy to their pages. more