UpdateAgent malware variant impersonates legitimate macOS software

The new variant of UpdateAgent malware is also capable of dropping adware against macOS. The IT security researchers at Microsoft Security Intelligence have discovered a new variant of  UpdateAgent (aka…

FIN7 Lures Unwitting Security Pros to Carry Out Ransomware Attacks

The infamous Carbanak operator is moving is looking to juice its ransomware game by recruiting IT staff to its fake Bastion Secure ‘pen-testing’ company. The financially motivated cybercrime gang behind…

Google details cookie stealer malware campaign targeting YouTubers

Google attributed the malware campaign to a group of attackers recruited via a Russian-language hacker forum. Google has disclosed details of a new campaign involving phishing attacks launched against YouTube…

REvil Servers Shoved Offline by Governments – But They’ll Be Back, Researchers Say

A multi-country effort has given ransomware gang REvil a taste of its own medicine by pwning its backups and pushing its leak site and Tor payment site offline. The REvil…

WinRAR vulnerability allowed attackers to remotely hijack systems

The vulnerability in WinRAR trialware could be abused by a remote attacker for executing arbitrary code on any system thus, getting an opportunity to launch a range of attacks. According…

Cisco SD-WAN Security Bug Allows Root Code Execution

The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw. Cisco SD-WAN implementations are vulnerable to a high-severity privilege-escalation vulnerability in the IOS IE operating system that could allow…

Pentesters Wanted for Ransomware Attacks!

The Russian Advanced Persistent Threat (APT) group FIN7 is trying to break into the lucrative ransomware market by creating bogus cybersecurity organizations that perform network attacks under the pretense of…

Webhards and Torrents: the New Channels for RAT Malware Propagation in Korea

South Korea seems to be a target of a new malicious campaign that propagates RAT malware camouflaged into a game for adults. The way it is distributed happens via torrents…

Hackers somehow got their rootkit a Microsoft-issued digital signature

Cybersecurity researchers at Bitdefender have detailed how cyber criminals have been using FiveSys, a rootkit that somehow made its way through the driver certification process to be digitally signed by Microsoft.  …

This monster of a phishing campaign is after your passwords

Microsoft has detailed an unusual phishing campaign aimed at stealing passwords that uses a phishing kit built using pieces of code copied from other hackers’ work. A “phishing kit” is…