Summary: Apple has backported security patches to older iPhones and iPads, fixing an iOS zero-day vulnerability that was actively exploited in attacks.
Threat Actor: Unknown | Unknown
Victim: Apple | …
AhnLab’s Mobile Analysis Team has confirmed cases of romance scams where perpetrators establish rapport by posing as overseas friends or romantic partners. They exploit this connection to solicit money under …
Infostealers targeting macOS devices have been on the rise for well over a year now, with variants such as Atomic Stealer (Amos), RealStealer (Realst), MetaStealer and others widely distributed in …
In late 2023 and early 2024, the NCC Group Hardware and Embedded Systems practice undertook an engagement to reverse engineer baseband firmware on several smartphones. This included MediaTek 5G …
Summary: This content discusses a novel attack called TunnelVision that targets virtual private network (VPN) applications, compromising their ability to protect user traffic.
Threat Actor: Researchers have discovered this attack …
Summary: Finland’s Transport and Communications Agency (Traficom) has warned about an ongoing Android malware campaign that targets online bank accounts. Scammers send SMS messages instructing recipients to call a number …
Summary: Android devices have been found to leak DNS queries when switching VPN servers, even with the “Always-on VPN” feature enabled.
Threat Actor: Android bug
Victim: Mullvad VPN users
Key …
Summary: This content discusses the identification of vulnerabilities in Android apps from smartphone maker Xiaomi and Google’s Android Open Source Project (AOSP) by Oversecured, a business that scans mobile apps …
Summary: This content discusses a path traversal-affiliated vulnerability pattern found in multiple popular Android applications, which could lead to arbitrary code execution and token theft.
Threat Actor: Microsoft | Microsoft …
Published On : 2024-05-03
EXECUTIVE SUMMARY
The team at CYFIRMA recently intercepted Android malware suspected to have been delivered by a Pakistan-based APT group targeting Indian defense personnel. Surprisingly, the …
On April 24, 2024, we found a previously undetected malicious Mach-O binary programmed to behave like a cross between spyware and an infostealer. We have named the malware Cuckoo, after …
Summary: A new Android backdoor malware named ‘Wpeeper’ has been discovered in unofficial app stores, using compromised WordPress sites as relays for its command and control servers.
Threat Actor: Wpeeper …
This week, CERT-AGID found and analysed, within its Italian area of reference, a total of 27 malicious campaigns, of which 21 had Italian targets and 6 were generic ones which nevertheless affected …
On April 11, 2024, BlackBerry released a new blog detailing a new VirusTotal upload of the LightSpy mobile spyware framework. BlackBerry stated that this malware was an iOS implant, yet …
Summary: Google blocked millions of Android apps and suspended thousands of developer accounts in an effort to protect users and maintain the security of its official app store.
Threat Actor: …
The SonicWall Capture Labs threat research team has been regularly sharing information about malware targeting Android devices. We’ve encountered similar RAT samples before, but this one includes extra commands …
Summary: The content discusses a new Android banking trojan called Brokewell that can capture user data and take control of infected devices, highlighting its capabilities and the threat actor behind …
Summary: A security researcher discovered vulnerabilities in the popular location-tracking app iSharing that allowed anyone using the app to access other users’ coordinates and personal information, even if the user …
Summary: Security vulnerabilities in cloud-based pinyin keyboard apps have been discovered, which could allow threat actors to access users’ keystrokes.
Threat Actor: Various threat actors targeting users of cloud-based pinyin …
As the digital landscape continues to evolve, the United States finds itself at the forefront of emerging cybersecurity challenges. With its critical infrastructure, extensive government networks, and vibrant economy, the …
Threat Actor: Unknown | Unknown
Victim: WhatsApp users | WhatsApp
Price: Not specified
Exfiltrated Data Type: Not specified
Additional Information:
The threat actor claims to have a zero-day exploit for…
In early 2024, Group-IB’s Threat Intelligence team observed a surge in phishing URLs targeting INTERAC, a Canadian payment service. Subsequently, a client operating in Canada reported an uptick in phishing attempts against …
New research from Recorded Future's Insikt Group focuses on the growing threat of a possible "mobile NotPetya" event. Through zero-click exploits, a self-propagating mobile malware could infiltrate smartphones at scale. …
Many people make banking transactions online now. And since mobile devices are one of the most popular and convenient ways to shop and make payments, criminals are naturally drawn to …
Summary: This article discusses a new banking Trojan called SoumniBot that is targeting Korean users by exploiting vulnerabilities in the Android manifest and using obfuscation techniques to evade detection.
Threat …
TransparentTribe primarily targets Indian government organizations, military personnel, and defense contractors. Its objective is usually to gather sensitive information, conduct cyber espionage, and compromise the security of its targets.
TransparentTribe …
Password-manager LastPass users were recently targeted by a convincing phishing campaign that used a combination of email, SMS, and voice calls to trick targets into divulging their …
Pupy is a RAT malware strain that offers cross-platform support. Because it is an open-source program published on GitHub, it is continuously being used by various threat actors including APT …
The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception. As an example of this, droppers, such as …
Summary: Chirp Systems’ software, which controls smart locks, has a critical security vulnerability that allows strangers to remotely unlock the locks due to hard-coded passwords and private keys in the …
ESET researchers have discovered an active espionage campaign targeting Android users with apps primarily posing as messaging services. While these apps offer functional services as bait, they are bundled with …
Summary: Cybersecurity researchers have discovered a renewed cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy.
Threat Actor: LightSpy …
Threat Actor: Unknown | Unknown
Victim: Android and iOS device users | Android and iOS device users
Price: Not specified
Exfiltrated Data Type: Not specified
Additional Information:
The threat actor…
Summary: Microsoft has addressed two zero-day vulnerabilities that threat actors are exploiting to deliver malware.
Threat Actor: Unknown | Unknown
Victim: Microsoft | Microsoft
Key Point:
Microsoft has patched…
Summary: Cybersecurity researchers from Bitdefender discovered critical vulnerabilities in LG TVs running webOS versions 4 through 7, which could allow attackers to gain complete control over the TV, steal data, …
Summary: A new threat actor named “Starry Addax” is targeting human rights activists associated with the Sahrawi Arab Democratic Republic (SADR) cause in North Africa using a mobile malware called …
In December 2023, Sophos X-Ops received a report of a false positive detection on an executable signed by a valid Microsoft Hardware Publisher Certificate. However, the version info for the …
09/04/2024
A sophisticated malicious campaign is currently underway, aimed at compromising Android devices in Italy through the SpyNote malware. This is disguised as the “INPS Mobile” application, …
Summary: Google is suing two China-based Android app developers for allegedly scamming 100,000 users worldwide through fake cryptocurrency and investment apps, with victims losing up to $75,000.
Threat Actor: China-based …
Summary: A self-service check-in terminal used in a German Ibis budget hotel was found to be leaking hotel room keycodes, potentially affecting hotels around Europe. The security flaw allowed anyone …
Summary: This article discusses the escalating threat of a fake e-shop campaign that targets banking security across various regions. The campaign has expanded from targeting Malaysian banks to financial institutions …
In this report, we will conduct a comprehensive analysis of Gafgyt, which is an ELF malware. Our aim is to examine the malware’s capabilities and determine its functions:
DDoS Attack…
The authors behind Android banking malware Vultur have been spotted adding new technical features, which allow the malware operator to further remotely interact with the victim’s mobile device. …
Hihi 😁! In this blog post, we’ll explore the functionality, features, and advantages of Incinerator, an advanced Android reverse engineering suite inspired by the success of Shambles.
Our mission is …
The Pixel Update Bulletin provides details on security vulnerabilities, functional improvements, and updates for supported Pixel devices.
Key Point:
🌟 Security patch levels of 2024-04-05 or later address all issues…
Vultur banking malware for Android poses as McAfee Security app
Key Point:
* Vultur banking trojan for Android has advanced remote control capabilities and an improved evasion mechanism. …