In July 2019, Dr. Web reported about a backdoor trojan in Google Play, which appeared to be sophisticated and unlike common malware often uploaded for stealing victims’ money or displaying ads. So, we conducted an inquiry of our own, discovering a long-term campaign, which we dubbed “PhantomLance”, its earliest registered domain dating back to December…
The PhantomLance espionage campaign is targeting specific victims, mainly in Southeast Asia — and could be the work of the OceanLotus APT.
Several new databases have been uncovered on underground forums sharing recycled Zoom credentials.
Researchers discovered a .git folder exposing passwords and more for a website that gives advice to organizations about complying with the General Data Protection Regulation (GDPR) rules.
A pre-auth SQL injection bug leading to remote code execution is at the heart of a data-stealing campaign against XG firewalls, using the Asnarok trojan.
More than 150,000 emails spreading the Hupigon RAT that use adult dating as a lure have been uncovered, with almost half being sent to U.S. university and college email addresses.
Firewalls are easy to misconfigure. While the security consequences of such errors may be acceptable for some firewalls, the accumulated risks of misconfigured firewalls in a defense-in-depth OT network architecture are generally unacceptable.
Now patched flaw allowed attacker to take over an organization’s entire roster of Microsoft Teams accounts.
The free online conference, scheduled for April 28-30, will feature top security researchers from across the industry.
Sindhi-language characters can crash iPhones and other iOS/macOS devices if a victim views texts, Twitter posts or messages within various apps containing them.