A newly discovered Android malware campaign, dubbed Tria Stealer, has been targeting users in Malaysia and Brunei since mid-2024. Leveraging fake wedding invitations as a lure, this Trojan steals sensitive data, including SMS messages, call logs, and app notifications, and…
Tag: Cyber Security News
Phorpiex Botnet Distributes LockBit Ransomware Through Compromised Websites
Cybersecurity experts have uncovered the use of the Phorpiex botnet to distribute LockBit Black ransomware (LockBit 3.0) through millions of phishing emails and compromised websites. This campaign, active since April 2024, marks a significant evolution in ransomware delivery methods, leveraging…
Top 3 Most Popular Malware TTPs of the Past Year
Cyber threats evolve rapidly, but some tactics stand out for their widespread use and effectiveness. In its latest 2024 trends report, ANY.RUN identified the top malware Tactics, Techniques, and Procedures (TTPs) employed by cyber attackers for malicious purposes. Let’s dive…
Arcus Media Ransomware Delete Backup, Clear Logs, Disable Remote After Lock The Files
The Arcus Media ransomware has emerged as a significant cybersecurity threat, employing advanced techniques to maximize disruption and hinder recovery efforts. Operating under a Ransomware-as-a-Service (RaaS) model, the group has targeted industries worldwide, including business services, retail, and media, since…
New Android Malware Exploiting Wedding Invitations to Steal Victims WhatsApp Messages
A sophisticated Android malware campaign, dubbed Tria Stealer, has been targeting users in Malaysia and Brunei since mid-2024. The malware uses fake wedding invitations as a lure to trick victims into installing a malicious Android Package Kit (APK). Once installed,…
Canon Printer Vulnerabilities Let Attackers Execute Arbitrary Code Remotely
Multiple critical security vulnerabilities affecting Canon Laser Printers and Small Office Multifunctional Printers. These vulnerabilities, identified as buffer overflow flaws, could allow attackers to execute arbitrary code remotely or render the devices inoperative through Denial-of-Service (DoS) attacks. The affected models…
Windows 11 Start Menu Now Let Users Access Their Android & iPhones
Microsoft has unveiled a significant update to Windows 11, enhancing the Start menu with seamless integration for both Android and iPhone devices. This feature, previously exclusive to Android users, now extends to iPhone owners, allowing them to access their phone’s…
Hackers Exploit Public-facing Vulnerable IIS, Apache, SQL Servers to Attack Gov & Telcom Networks
A sophisticated cyberespionage campaign, tracked as CL-STA-0048, has been identified targeting government and telecommunications networks in South Asia. The attackers exploited vulnerabilities in public-facing servers running Microsoft IIS, Apache Tomcat, and MSSQL to gain unauthorized access and exfiltrate sensitive data.…
North Korean APT Lazarus Compromises Developers via Malicious NPM Packages
The North Korean state-sponsored hacking group Lazarus has been implicated in a sophisticated supply chain attack targeting developers through malicious Node Package Manager (NPM) packages. Security researchers have identified the package, postcss-optimizer, as a key vector for delivering malware to…
Hackers Use 10,000 WordPress Sites To Deliver Malware To macOS and Microsoft Systems
A sophisticated cyberattack has compromised over 10,000 WordPress websites, delivering cross-platform malware to unsuspecting users. The campaign exploits outdated WordPress versions and plugins, redirecting visitors to fake browser update pages that deploy malicious software targeting both macOS and Windows systems.…