Mar 30, 2024NewsroomMalware / Cryptocurrency Malicious ads and bogus websites are acting as a conduit to deliver two different stealer malware, including Atomic Stealer, targeting Apple macOS users. The ongoing infostealer attacks targeting macOS users may have adopted different methods to compromise victims' Macs, but operate with the end goal of stealing sensitive data, … [Read more...] about Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware
Users
New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics
Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that's propagated via phishing emails bearing PDF attachments. "This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware," Fortinet FortiGuard Labs researcher Cara Lin said. The attack chain involves the use of … [Read more...] about New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics
New Phishing Kit Leverages SMS, Voice Calls to Target Cryptocurrency Users
Mar 01, 2024NewsroomPhishing Kit / Cryptocurrency A novel phishing kit has been observed impersonating the login pages of well-known cryptocurrency services as part of an attack cluster designed to primarily target mobile devices. "This kit enables attackers to build carbon copies of single sign-on (SSO) pages, then use a combination of email, SMS, and voice phishing to trick … [Read more...] about New Phishing Kit Leverages SMS, Voice Calls to Target Cryptocurrency Users
Malicious Ads on Google Target Chinese Users with Fake Messaging Apps
Jan 26, 2024NewsroomMalvertising / Phishing-as-a-service Chinese-speaking users have been targeted by malicious Google ads for restricted messaging apps like Telegram as part of an ongoing malvertising campaign. "The threat actor is abusing Google advertiser accounts to create malicious ads and pointing them to pages where unsuspecting users will download Remote … [Read more...] about Malicious Ads on Google Target Chinese Users with Fake Messaging Apps
New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide
A new piece of JavaScript malware has been observed attempting to steal users' online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across the world. The activity cluster, which employs JavaScript web injections, is estimated to have led to at least 50,000 infected user sessions spanning North America, South America, … [Read more...] about New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide
Is macOS as secure as its users think?
Many Apple users believe the macOS operating system is so secure that no cyberthreats can harm them, so they don’t need to worry about protecting their devices. However, this is far from the case: while there is less malware for macOS, it’s still much more common than Apple device owners would like to think. In this post, we discuss current threats facing macOS users and how to … [Read more...] about Is macOS as secure as its users think?
3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches
Nov 25, 2023NewsroomData Security / Vulnerability The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files. A brief description of the vulnerabilities is as follows - Disclosure of sensitive credentials and configuration in containerized … [Read more...] about 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches
Malicious Google Ads Trick WinSCP Users into Installing Malware
Nov 17, 2023NewsroomMalvertising / Malware Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity under the name SEO#LURKER. "The malicious advertisement directs the user to a … [Read more...] about Malicious Google Ads Trick WinSCP Users into Installing Malware
Google Adopts Passkeys as Default Sign-in Method for All Users
Oct 10, 2023NewsroomPassword Security / Technology Google on Tuesday announced the ability for all users to set up passkeys by default, five months after it rolled out support for the FIDO Alliance-backed passwordless standard for Google Accounts on all platforms. "This means the next time you sign in to your account, you'll start seeing prompts to create and use passkeys, … [Read more...] about Google Adopts Passkeys as Default Sign-in Method for All Users
Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping
Aug 12, 2023THNVulnerability / Privacy Multiple security vulnerabilities have been disclosed in AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP) that could be potentially exploited by a malicious attacker to conduct remote attacks. "An external attacker who leverages the vulnerabilities discovered in AudioCodes Ltd.'s desk phones and Zoom's Zero Touch … [Read more...] about Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping