Cryptominers and fileless PowerShell techniques make for a dangerous combo
This new dual-payload cryptojacking malware can disable Windows Antimalware Scan Interface and inject itself directly into memory of legitimate processes.
Stories by Lucian Constantin
Emergent Android banking Trojan shows app overlay attacks are still effective
By taking code from another Android Trojan, Anubis, the Ginp malware has enhanced itself and has begun targeting banks.
Attackers phish Office 365 users with fake voicemail messages
Recent phishing campaigns have combined a clever use of fake voicemail, phony Microsoft email, and off-the-shelf phishing kits to target high-value victims.
Cryptojacking worm infects exposed Docker deployments
Graboid is the first known instance of a cryptomining worm used to create botnets spread using containers.
China supported C919 airliner development through cyberespionage
Chinese hackers and intelligence agencies coordinated cyberattacks to gather intellectual property of aerospace firms to gain competitive advantage.
Zero-day vulnerability gives attackers full control of Android phones
Attackers are reportedly exploiting an unpatched vulnerability to take control of Android devices and potentially deliver spyware.
SMS-based provisioning messages enable advanced phishing on Android phones
Attackers can use this vulnerability to send highly credible phishing messages. Victims' internet traffic is then routed through the attacker's proxy.
Companies with zero-trust network security move toward biometric authentication
According to new research, more companies are enabling biometric authentication on devices to verify access requests.
Phishing attacks that bypass 2-factor authentication are now easier to execute
Researchers released two tools--Muraen and NecroBrowser--that automate phishing attacks that can bypass 2FA. Most defenses won't stop them.
Public SAP exploits could enable attacks against thousands of companies
A recently released exploit takes advantage of a known configuration vulnerability that persists among many on-premise and cloud SAP instances.
Researchers warn of unpatched vulnerability in Oracle WebLogic Server
Detected scans suggest attacker are seeking vulnerable servers to target for attacks.
Magecart payment card skimmer gang returns stronger than ever
Web-based card skimmers are becoming harder to detect and remove thanks to evolving techniques.
Hackers use Slack to hide malware communications
A group of hackers is using a previously undocumented backdoor program designed to interact with attackers over Slack.
Qbot malware resurfaces in new attack against businesses
The decade-old Qbot financial malware has resurfaced with an improved version in a new attack that has infected thousands of systems so far.
IoT botnets target enterprise video conferencing systems
WootCloud researchers discover an internet of things botnet based on Mirai that exploits Polycom video conferencing systems. Polycom has issued an advisory and best practices for mitigating the risk.