Malicious

Protecting Users from Malicious Sites with Falcon for Mobile

Nov 9, 2021 by iHash Leave a Comment

Introduction Today, mobile devices are ubiquitous within enterprise environments. But with their proliferation, it provides adversaries with yet another attack surface with which they can target users and cause a breach. From phishing attacks to malicious apps, mobile users tend to let their guard down and potentially click on obfuscated links to malicious sites. Falcon for … [Read more...] about Protecting Users from Malicious Sites with Falcon for Mobile

Experts Detail Malicious Code Dropped Using ManageEngine ADSelfService Exploit

Nov 8, 2021 by iHash Leave a Comment

At least nine entities across the technology, defense, healthcare, energy, and education industries were compromised by leveraging a recently patched critical vulnerability in Zoho's ManageEngine ADSelfService Plus self-service password management and single sign-on (SSO) solution. The spying campaign, which was observed starting September 22, 2021, involved the threat actor … [Read more...] about Experts Detail Malicious Code Dropped Using ManageEngine ADSelfService Exploit

Malicious Ads Target Cryptocurrency Users With Cinobi Banking Trojan

Aug 17, 2021 by iHash Leave a Comment

A new social engineering-based malvertising campaign targeting Japan has been found to deliver a malicious application that deploys a banking trojan on compromised Windows machines to steal credentials associated with cryptocurrency accounts. The application masquerades as an animated porn game, a reward points application, or a video streaming application, Trend Micro … [Read more...] about Malicious Ads Target Cryptocurrency Users With Cinobi Banking Trojan

Several Malicious Typosquatted Python Libraries Found On PyPI Repository

Jul 30, 2021 by iHash Leave a Comment

As many as eight Python packages that were downloaded more than 30,000 times have been removed from the PyPI portal for containing malicious code, once again highlighting how software package repositories are evolving into a popular target for supply chain attacks. "Lack of moderation and automated security controls in public software repositories allow even inexperienced … [Read more...] about Several Malicious Typosquatted Python Libraries Found On PyPI Repository

Malicious NPM Package Caught Stealing Users’ Saved Passwords From Browsers

Jul 21, 2021 by iHash Leave a Comment

A software package available from the official NPM repository has been revealed to be actually a front for a tool that's designed to steal saved passwords from the Chrome web browser. The package in question, named "nodejs_net_server" and downloaded over 1,283 times since February 2019, was last updated seven months ago (version 1.1.2), with its corresponding repository leading … [Read more...] about Malicious NPM Package Caught Stealing Users’ Saved Passwords From Browsers

Malicious spam spreading banking Trojans

Jul 9, 2021 by iHash Leave a Comment

For employees facing hundreds of e-mails, the temptation to speed-read and download attachments on autopilot can be great. Cybercriminals, of course, take advantage, sending out seemingly important documents that might contain just about anything from phishing links to malware. Our experts recently discovered two very similar spam campaigns distributing the IcedID and Qbot … [Read more...] about Malicious spam spreading banking Trojans

Minnesota University Apologizes for Contributing Malicious Code to the Linux Project

Apr 26, 2021 by iHash Leave a Comment

Researchers from the University of Minnesota apologized to the maintainers of Linux Kernel Project on Saturday for intentionally including vulnerabilities in the project's code, which led to the school being banned from contributing to the open-source project in the future. "While our goal was to improve the security of Linux, we now understand that it was hurtful to the … [Read more...] about Minnesota University Apologizes for Contributing Malicious Code to the Linux Project

Malicious Amazon Alexa Skills Can Easily Bypass Vetting Process

Feb 26, 2021 by iHash Leave a Comment

Researchers have uncovered gaps in Amazon's skill vetting process for the Alexa voice assistant ecosystem that could allow a malicious actor to publish a deceptive skill under any arbitrary developer name and even make backend code changes after approval to trick users into giving up sensitive information. The findings were presented on Wednesday at the Network and Distributed … [Read more...] about Malicious Amazon Alexa Skills Can Easily Bypass Vetting Process

Google Removes 21 Malicious Android Apps from Play Store

Oct 27, 2020 by iHash Leave a Comment

Google has stepped in to remove several Android applications from the official Play Store following the disclosure that the apps in question were found to serve intrusive ads. The findings were reported by the Czech cybersecurity firm Avast on Monday, which said the 21 malicious apps (list here) were downloaded nearly eight million times from Google's app marketplace. The apps … [Read more...] about Google Removes 21 Malicious Android Apps from Play Store

Amazon Alexa Bugs Allowed Hackers to Install Malicious Skills Remotely

Aug 13, 2020 by iHash Leave a Comment

Attention! If you use Amazon's voice assistant Alexa in you smart speakers, just opening an innocent-looking web-link could let attackers install hacking skills on it and spy on your activities remotely.Cybersecurity researchers today disclosed severe security vulnerabilities in Amazon's Alexa virtual assistant that could render it vulnerable to a number of malicious … [Read more...] about Amazon Alexa Bugs Allowed Hackers to Install Malicious Skills Remotely

« Previous Page

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54