RAT malware campaign tries to evade detection using polyglot files
Operators of the StrRAT and Ratty remote access trojans (RAT) are running a new campaign using polyglot MSI/JAR and CAB/JAR files to evade detection from…
Category: Bleeping Computer
Microsoft tests live kernel memory dumps in Windows 11 Task Manager
Microsoft is testing a new diagnostic tool in Windows 11 that lets you create live kernel memory dumps without disrupting the operation of Windows. A…
Android TV box on Amazon came pre-installed with malware
A Canadian system administrator discovered that an Android TV box purchased from Amazon was pre-loaded with persistent, sophisticated malware baked into its firmware. The malware…
European police takes down call centers behind cryptocurrency scams
Multiple call centers across Europe controlled by a criminal organization involved in online investment fraud were taken down this week following a cross-border investigation started…
Vice Society ransomware claims attack on Australian firefighting service
Australia’s Fire Rescue Victoria has disclosed a data breach caused by a December cyberattack that is now claimed by the Vice Society ransomware gang. Fire…
Royal Mail halts international services after cyberattack
The Royal Mail, UK’s leading mail delivery service, has stopped its international shipping services due to “severe service disruption” caused by what it described as…
Gootkit malware abuses VLC to infect healthcare orgs with Cobalt Strike
The Gootkit loader malware operators are running a new SEO poisoning campaign that abuses VLC Media Player to infect Australian healthcare entities with Cobalt Strike…
Cisco warns of auth bypass bug with public exploit in EoL routers
Cisco warned customers today of a critical authentication bypass vulnerability with public exploit code affecting multiple end-of-life (EoL) VPN routers. The security flaw (CVE-2023-20025) was…
Scattered Spider hackers use old Intel driver to bypass security
A financially motivated threat actor tracked as Scattered Spider was observed attempting to deploy Intel Ethernet diagnostics drivers in a BYOVD (Bring Your Own Vulnerable…
Twitter claims leaked data of 200M users not stolen from its systems
Twitter finally addressed reports that a dataset of email addresses linked to hundreds of millions of Twitter users was leaked and put up for sale…
Threema claims encryption flaws never had a real-world impact
A team of researchers from ETH Zurich has published a paper describing multiple security flaws in Threema, a secure end-to-end encrypted communications app. Threema is…
StrongPity hackers target Android users via trojanized Telegram app
The StrongPity APT hacking group is distributing a fake Shagle chat app that is a trojanized version of the Telegram for Android app with an…