A multi-stage downloader trojan dubbed sLoad uses BITS to steal data from compromised systems. Attackers use sLoad to evade anti-malware protections and security monitoring that may not detect activity using these unconventional protocols.
Security researchers have discovered a dangerous Android vulnerability dubbed “StrandHogg” under active attack by dozens of malicious apps. To add, 500 of the most popular apps may also be vulnerable to the StrandHogg vulnerability.
A new Windows trojan dubbed CStealer attempts to steal passwords from Chrome browser. The malware also uses a remote MongoDB server to store the stolen passwords.
Security researchers from Trend Micro have spotted a dozen obfuscated botnets being used in a highly targeted malware campaign.
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has warned of an ongoing and widespread phishing campaign designed to spread Emotet malware throughout Australia.
Attackers are using a "fileless" malware dubbed Divergent to generate revenue via click-fraud. Divergent further uses NodeJS and a WinDivert utlility to facilitate the malware attack.
A cyber attack group dubbed "Tortoiseshell" has deployed a fake website posing as a site to help U.S. military veterans find jobs. The website is then used to download malware to visitors' systems.
A new ransomware dubbed TFlower has been targeting corporate environments via exposed remote desktop services (RDS).
Security experts have uncovered an incident that involved the Watchbog cryptomining botnet. Attackers exploited CVE-2018-1000861 to establish a foothold on the victim's network and install Watchbog malware on unpatched systems.
A group of hackers have been using compromised websites to launch watering hole attacks against iPhone users who visit the websites. The attacks also use five different exploit chains and exploit 0-day vulnerabilities that don't require any user interaction.