Summary: The report warns of a resurgence of CapraRAT spyware targeting mobile gamers and weapons enthusiasts through malicious Android applications.
Threat Actor: Transparent Tribe, also known as APT36 | Transparent …
Summary: The content discusses the decline in activity of the Predator spyware group, indicating that sanctions and exposure have impacted their operations.
Threat Actor: Predator spyware group | Predator spyware …
Summary: A novel malware strain called Snowblind is targeting banking customers in Southeast Asia, using a technique that disables Android banking apps’ ability to detect malicious modifications, leading to financial …
Summary: The Medusa banking trojan for Android has resurfaced in campaigns targeting several countries, using more compact variants with fewer permissions and new features to initiate transactions directly from compromised …
Summary: This blog discusses SpyMax, an Android RAT that targets Telegram users, and highlights its capabilities and impact on user privacy and data integrity.
Threat Actor: SpyMax | SpyMax Victim: …
Summary: This article discusses the use of popular online services, such as Pastebin, by malware developers to obfuscate their command and control (C2) server locations and evade detection.
Threat Actor: …
Threat actors are constantly working on novel ways to target users across the globe. This blog is about SpyMax, an Android RAT that targets Telegram users. A point to be …
Summary: This content explains what overlays are, particularly on Android devices, and how cybercriminals use them to deceive users.
Threat Actor: Cybercriminals | cybercriminals Victim: Android device users | Android …
Two men have been extradited from Malaysia to face charges in Singapore for their suspected involvement in a series of malware-enabled scams that have targeted Singaporeans since June 2023.
Two …
Summary: China’s cybersecurity experts have become dominant players in global capture-the-flag competitions, exploit contests, and bug bounty programs, and the Chinese government is using their expertise to strengthen the nation’s …
Summary: This article discusses the use of dozens of servers to distribute malicious Android apps by a cybercrime group in Asia, resulting in a $25 million fraud scheme.
Threat Actor: …
Summary: A new speculative execution attack named “TIKTAG” targets ARM’s Memory Tagging Extension (MTE) to leak data with a high success rate, bypassing the security feature.
Threat Actor: Not specified …
Threat Actor: Unknown | Unknown Victim: Android users | Android users Price: $5,000,000 Exfiltrated Data Type: Complete control over the targeted device
Additional Information:
The exploit is a zero-click…
In a recent engagement I had to deal with some custom encrypted strings inside an Android ARM64 app. I had a lot of fun reversing the app and in the …
The Hi-Tech Crime Trends report by Group-IB highlights a growing cybercriminal focus on Apple devices due to their increasing popularity. This shift has led to a rise in malware …
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three known exploited vulnerabilities to its catalog, including an Android Pixel Privilege Escalation Vulnerability, a Microsoft Windows Error Reporting …
Summary: Google has released patches for 50 security vulnerabilities.
Threat Actor: None Victim: None
Key Point:
Google has released patches for 50 security vulnerabilities, including two zero-day flaws that…
Summary: A Pakistani threat actor known as Cosmic Leopard has been conducting cyber espionage and surveillance on Indian government-associated entities for the past six years.
Threat Actor: Cosmic Leopard | …
ESET researchers have identified five campaigns targeting Android users with trojanized apps. Most probably carried out by the Arid Viper APT group, these campaigns started in 2022 and three of …
Summary: This content discusses five cyber espionage campaigns targeting Android users in Egypt and Palestine, attributed to the Arid Viper hacking group.
Threat Actor: Arid Viper | Arid Viper Victim: …
By Gi7w0rm, Asheer Malhotra and Vitor Ventura.
Cisco Talos is disclosing a new malware campaign called “Operation Celestial Force” running since at least 2018. It is still active today, employing…
Written by: Kristen Dennesen, Luke McNamara, Dmitrij Lenz, Adam Weidemann, Aline Bueno
Individuals and organizations in Brazil face a unique cyber threat landscape because it is a complex interplay of …
Threat Actor: OnePlus | OnePlus Victim: Users of OnePlus devices | OnePlus Price: Not specified Exfiltrated Data Type: User data, including IMEI and manufacturer details
Additional Information:
Security researcher…
Summary: Arm has issued a security bulletin warning of a memory-related vulnerability in Bifrost and Valhall GPU kernel drivers that is being exploited in the wild.
Threat Actor: Exploits targeting …
Threat Actor: Unknown | Unknown Victim: Android devices | Android devices Price: $5 million Exfiltrated Data Type: Not specified
Additional Information:
The exploit is a zero-click full chain exploit targeting…
This staggering amount underscores the imminent need for cyber security to be treated as a global priority. Moreover, with the explosion …
AhnLab SEcurity intelligence Center (ASEC) has been publishing the Online Scams series to inform the readers about the ever-evolving scams. Prevention and blocking are the two most important measures to …
Written by: Michelle Cantos, Jamie Collier
Executive Summary: Mandiant assesses with high confidence that the Paris Olympics faces an elevated risk of cyber threat activity, including cyber espionage, disruptive and…
Lolbins? Where we’re going, we don’t need lolbins.
At NCC Group, as a consultant in our hardware and embedded systems practice, I often get to play with various devices, which …
Summary: This content is the Android Security Bulletin for June 2024, which provides details of security vulnerabilities affecting Android devices and the corresponding security patch levels.
Threat Actor: N/A
Victim: …
Summary: Attackers have exploited a zero-day vulnerability in TikTok’s direct messages feature to hijack high-profile accounts belonging to companies and celebrities, including Sony, CNN, and Paris Hilton.
Threat Actor: Unknown …
Summary: This content discusses the advertising of a new Android Remote Trojan called Viper RAT on dark web forums and its capabilities.
Threat Actor: Viper RAT | Viper RAT Victim: …
Authored by Dexter Shin
Many government agencies provide their services online for the convenience of their citizens. Also, if this service could be provided through a mobile app, it would …
Summary: Researchers have discovered a macOS version of the LightSpy spyware that has been active since January 2024, with threat actors using publicly available exploits to deliver the spyware and …
In October 2023 we posted our research about the notorious surveillance framework LightSpy2. In our research, we proved with a high degree of confidence that both implants for Android and …
A stalkerware company with poor security practices is exposing victims’ data as the software, designed for unauthorized device monitoring, leaked victims’ phone screenshots through a publicly accessible URL.
The incident …
At Zscaler ThreatLabz, we regularly monitor the Google Play store for malicious applications. Over the past few months, we identified and analyzed more than 90 malicious applications uploaded to …
Summary: Researchers have discovered multiple fake AV sites that are distributing info-stealers, including APK, EXE, and Inno setup installer files with spy and stealer capabilities. These sites are masquerading as …
By Gurumoorthi Ramanathan · May 23, 2024
Executive summary: In mid-April 2024, Trellix Advanced Research Center team members observed multiple fake AV sites hosting highly sophisticated malicious files such as …
Threat Actor: Native-One | Native-One Victim: Multiple users | Multiple users Price: Not specified Exfiltrated Data Type: Not specified
Additional Information:
GhostHook v1.0 is a file-less browser malware developed…
XLab’s CTIA (Cyber Threat Insight Analysis) System continuously tracks and monitors the active mainstream DDoS botnets. Recently, our system has observed that CatDDoS-related gangs remain active and have exploited over 80 …
Summary: A consumer-grade spyware app called pcTattletale has been found running on the check-in systems of Wyndham hotels, capturing screenshots of guest details and customer information, which are available to …
Summary: This article discusses concerns about the privacy of library reading material and how it relates to targeted advertising.
Threat Actor: Advertising platforms
Victim: Library users
Key Point:
An…
Summary: A new banking Trojan called Antidot has been discovered by Cyble Research and Intelligence Labs, targeting Android devices with sophisticated malware features.
Threat Actor: Antidot Trojan | Antidot Trojan …
Summary: Google is introducing new anti-theft and data protection features for Android devices, including a Theft Detection Lock, Offline Device Lock, and Remote Lock.
Threat Actor: N/A
Victim: N/A
Key …
Summary: Apple and Google have announced an industry specification for Bluetooth tracking devices that will alert users to unwanted tracking.
Threat Actor: Unwanted tracking | unwanted tracking Victim: Users | …
Summary: This content discusses a cyber campaign conducted by Russian-speaking threat actors who used legitimate internet services to deploy various malware variants, posing challenges for tracking and defense against this …