‘DarkWatchman’ RAT Shows Evolution in Fileless Malware

The new tool manipulates Windows Registry in unique ways to evade security detections and is likely being used by ransomware groups for initial network access. A novel remote access trojan…

Log4j flaw: This new threat is going to affect cybersecurity for a long time

If there ever was any doubt over the severity of the Log4j vulnerability, director of US cybersecurity and infrastructure agency CISA, Jen Easterly, immediately quashed those doubts when she described…

Comprehensive Phishing Study Shows Who Is More Prone to Fall Victim to Phishing Attacks

Researchers from ETH Zurich conducted a study to investigate who is more prone to fall victim to phishing cyberattacks in a corporate context. The study involved 14,733 participants and was…

Google: This zero-click iPhone attack was incredible and terrifying

Google has explained how surveillance company NSO Group developed an exploit that would allow users of its software to gain access to an iPhone and install spyware – without a…

Anubis Android Malware Is Back and It Is Focusing on Financial Institutions

In a recent malware operation, the Anubis Android banking malware is targeting clients of approximately 400 banking institutions. The cybercriminals are attacking financial institutions, cryptocurrency wallets, and digital payment systems…

Why Payroll Is The Next Company Security Battleground?

Payroll is one of the most appealing targets for cybercriminals, involving as it does the large transfer of money between institutions whilst being susceptible to hacking due to outdated technology…

Singapore-South Korea digital economy deal to sync up on data, payments

Singapore has finalised negotiations with South Korea on a digital economy agreement that will see both nations collaborate across several areas, including cross-border online payments, data flows, cryptography, and artificial…

Agent Tesla Spyware Used in Phishing Campaign

Agent Tesla initially detected in late 2014, is a known spyware aimed at collecting sensitive data from a victim’s device, such as stored application credentials and keyboard inputs (keylogger). Agent…

Collecting In the Dark: Tropic Trooper Targets Transportation and Government

Trend Micro – Trend Micro – While analyzing samples, we found that the C&C server was already inactive. Without knowing the traffic between SmileSvr and C&C server, we could not…

Where the Latest Log4Shell Attacks Are Coming From

Analysts find at least 10 Linux botnets actively exploiting Log4Shell flaw. Cybersecurity professionals across the world have been scrambling to shore up their systems against a critical remote code-execution (RCE)…