Over 10M Android Users Infected by GriftHorse Trojan

Security Intelligence – Security Intelligence – Over 10M Android Users Infected by GriftHorse Trojan A mobile premium services campaign infected over 10 million Android users with the GriftHorse Trojan. More…

Phishing-as-a-Service: Research Exposes BulletProofLink Gang

Security Intelligence – Security Intelligence – Phishing-as-a-Service: Research Exposes BulletProofLink Gang It’s a growing trend among attackers to offer their products as a service, just as regular companies do. In…

REvil Affiliates Arrested; DOJ Seizes $6.1M in Ransom

The U.S. is seeking the extradition of a Ukrainian man, Yaroslav Vasinskyi, whom they suspect is behind the Kaseya supply-chain attacks and other REvil attacks. International law enforcement is squeezing…

Ransom fail: Iranian hackers leak trove of Israeli LGBTQ dating app data

Iranian Hackers Leaked Private Messages and sensitive data of 690,000 Israeli LGBTQ Dating App Atraf Users After $1 Million Ransom is Denied. An Iranian hacking group was denied its ransom…

Phishing: Attackers Use DocuSign to Send Malicious Links

Security Intelligence – Security Intelligence – Phishing: Attackers Use DocuSign to Send Malicious Links Attackers are abusing the electronic agreement management company DocuSign to send phishing links and documents. Inside…

Report: BlackMatter Ransomware Gang Goes Dark, Again

The former DarkSide cybercriminal group will shut down due to increased pressure from authorities, who may have nabbed a key team member. The prolific ransomware group that rose from the…

Apple Patches Critical iOS Bugs; One Under Attack

Researchers found that one critical flaw in question is exploitable from the browser, allowing watering-hole attacks. Apple lovers who haven’t yet updated to iOS 15, you may want to pop…

Triada Trojan Conceals Itself in WhatsApp Mod

Security Intelligence – Security Intelligence – Triada Trojan Conceals Itself in WhatsApp Mod A variant of the Triada Trojan concealed itself within a WhatsApp mod for Android devices, Kaspersky found…

CISA warns of trojanized versions of JavaScript library’s NPM package

The warning comes days after three rogue packages, okhsa, klow, and klown discovered by DevSecOps firm Sonatype, were removed from the NPM repository. On Friday, the US Cybersecurity and Infrastructure…

Gigabyte Allegedly Hit by AvosLocker Ransomware

If AvosLocker stole Gigabyte’s master keys, threat actors could force hardware to download fake drivers or BIOS updates in a supply-chain attack a la SolarWinds. The AvosLocker ransomware gang is…