APT Attack Injects Malware into Windows Error Reporting
The fileless attack uses a phishing campaign that lures victims with information about a worker’s compensation claim.
Unpatched Apple T2 Chip Flaw Plagues Macs
A researcher claims that the issue can be exploited by attackers in order to gain root access.
Post Grid WordPress Plugin Flaws Allow Site Takeovers
Team Showcase, a sister plugin, is also vulnerable to the XSS and PHP object-injection bugs — together they have 66,000 installs.
Black-T Malware Emerges From Cryptojacker Group TeamTNT
The cryptojacking malware variant builds on the TeamTNT group’s typical approach, with a few new — and sophisticated — extras.
Malware Families Turn to Legit Pastebin-Like Service
AgentTesla, LimeRAT, W3Cryptolocker and Redline Stealer are now using Paste.nrecom in spear-phishing attacks.
Rare Bootkit Malware Targets North Korea-Linked Diplomats
The MosaicRegressor espionage framework is newly discovered and appears to be the work of Chinese-speaking actors.
Tenda Router Zero-Days Emerge in Spyware Botnet Campaign
A variant of the Mirai botnet, called Ttint, has added espionage capabilities to complement its denial-of-service functions.