Chasing Chaes Kill Chain

Avast –  Avast –  Introduction Chaes is a banking trojan that operates solely in Brazil and was first reported in November 2020 by Cybereason. In Q4 2021, Avast observed an…

DuckDuckGo developing a robust privacy-focused desktop browser

According to DuckDuckGo, the desktop browser will work on both Mac and Windows devices. DuckDuckGo has revealed its plans for an upcoming desktop app in its latest blog post in…

Malicious Exchange Server Module Hoovers Up Outlook Credentials

“Owowa” stealthily lurks on IIS servers, waiting to harvest successful logins when an Outlook Web Access (OWA) authentication request is made. Researchers have uncovered a previously unknown malicious IIS module,…

Agent Tesla Spyware Used in Phishing Campaign

Agent Tesla initially detected in late 2014, is a known spyware aimed at collecting sensitive data from a victim’s device, such as stored application credentials and keyboard inputs (keylogger). Agent…

French Users and Orgs Targeted by TinyNuke Info-Stealing Malware

According to security researchers, the TinyNuke banking malware (also known as Nukebot) has resurfaced in a new operation exclusively targeting French users and organizations with invoice-themed email lures. The targets…

New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes

Trend Micro – Trend Micro – New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes Ransomware We analyzed new samples of the Yanluowang ransomware. One interesting aspect of these…

Malicious npm Code Packages Built for Hijacking Discord Servers

The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. A series of malicious packages in the Node.js package manager (npm)…

Fake KPSPico Windows activator tool KPSPico steals crypto wallet data

The malware is dubbed CrypBot is essentially an information stealer that can obtain credentials for cryptocurrency wallets, browsers, credit cards, browser cookies, and capture screenshots from compromised devices. Cybersecurity solutions…

Malvertising attack distributes malicious Chrome extensions, backdoors

Researchers believe that the campaign has been active since 2018, and since then, the malware has been under development constantly. Cisco Talos researchers have identified malvertising campaigns using fake installers…

This password-stealing and keylogging malware is being spread through fake software downloads

Cyber criminals are using online adverts for fake versions of popular software to trick users into downloading three forms of malware – including a malicious browser extension with the same capabilites as trojan…