Triple-Threat Cryptocurrency RAT Mines, Steals and Harvests
KryptoCibule spreads via pirated software and game torrents.
Joker Spyware Plagues More Google Play Apps
The six malicious apps have been removed from Google Play, but could still threaten 200,000 installs.
Live Webinar: XDR and Beyond
Next week, Senior Analyst Dave Gruber of ESG will join cybersecurity company Cynet for a webinar to help companies better understand the promise and realities of emerging XDR technologies
Cisco Warns of Active Exploitation of Flaw in Carrier-Grade Routers
Multiple flaws in system software that causes errors in packet handling could allow an attacker to consume memory and crash devices.
Chinese APT Debuts Sepulcher Malware in Spear-Phishing Attacks
The RAT has been distributed in various campaigns over the past six months, targeting both European officials and Tibetan dissidents.
Operation PowerFall: CVE-2020-0986 and variants
In August 2020, we published a blog post about Operation PowerFall. This targeted attack consisted of two zero-day exploits: a remote code execution exploit for Internet Explorer 11 and an elevation of privilege exploit targeting the latest builds of Windows 10. While we already described the exploit for Internet Explorer in the original blog post,…
Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws
Two flaws – one of them yet to be fixed – are afflicting a third-party plugin used by Magento e-commerce websites.
U.S. Voter Databases Offered for Free on Dark Web, Report
Some underground forum users said they’re monetizing the information through the State Department’s anti-influence-campaign effort.
Magecart Credit-Card Skimmer Adds Telegram as C2 Channel
In a rare move, the encrypted messaging service is being used to send stolen payment-card data from websites back to cybercriminals.
FBI: Ring Smart Doorbells Could Sabotage Cops
While privacy advocates have warned against Ring’s partnerships with police, newly unearthed documents reveal FBI concerns about ‘new challenges’ smart doorbell footage could create for cops.