A new security blog post from Microsoft says that accounting and tax return firms are the targets of a phishing campaign designed to deliver a remote access trojan to their computers.
Trojan RSS
A new report from the security firm Mandiant claims that a group based in North Korea is posting fake job listings on LinkedIn that eventually results in malware being downloaded to a user's PC.
A new Pokémon-themed malware campaign has been discovered online. While it disguises itself as a trading card game where players can earn NFTs, it actually downloads a remote access tool.
An Android threat campaign using fraudulent educational apps was recently found. It can capture various Facebook information such as profile name, email address, password, and phone number.
A report by Elastic Security Labs found that 6.2% of malware ends up on macOS devices. However, almost 50% of this malware come from one source, a utility software suite called MacKeeper.
The Powershell Windows Toolbox that was hosted on GitHub was found to contain malicious files. This third-party Windows tool claimed to install Google Play Store, debloat Windows 11, and more.
A new remote access trojan (RAT) or BitRAT has been found which is being distributed through fake Windows product license key activation tools. It is able to bypass detections by Windows Defender.
_medium.jpg)
There was a lot of news from a variety of diverse topics in the world of Microsoft this week ranging from Windows 11, to cybersecurity, to the Outlook-ification of Gmail, and much more.
Back in December last year, Microsoft had disabled the MSIX app installer protocol to prevent malicious spoofing attempts and attacks. Today, a formal annoucement has come regarding the matter.
Microsoft has shared some details about a trojan dubbed "UpdateAgent", which is targeting Mac devices. It is becoming more sophisticated in each campaign and may distribute dangerous payload.
A malicious email that claims to be an employee termination letter is doing the rounds on the internet. This email is actually a Dridex malware attack and hopes to trick its potential victims.
Free and light benchmarking utility UserBenchmark is flagged by close to two dozen anti-virus programs as malware, according to VirusTotal. Windows Security, too, flags it as a "Severe" trojan.
_medium.jpg)
A new Ursnif 2021 variant, which is a known banking trojan, is infecting victim machines by disguising itself as a reCAPTCHA test, which leads the victim to unknowingly download the malware.
Printer driver files from Dell are being flagged as unsafe by anti-virus engines like Avast, McAfee, Fortinet, and more. Logs on Virus Total suggest that they are flagged as malware and trojans.
A newly discovered version of the Emotet Trojan has been observed to be spreading through Wi-Fi networks by using brute-force. The spread can be prevented by using strong, complex Wi-Fi passwords.
The document-scanning app has now returned to the Play Store with an updated version, after being removed by Google last week due to malicious code being found in the app by security researchers.
Microsoft's Windows Defender has reportedly prevented a "massive" coin mining malware outbreak. Users on Windows 7, 8.1, and 10 are safe, but Microsoft encouraged them to use Windows 10 or 10 S.
As part of an effort to remove apps that exploit Accessibility services to serve malware, Google has emailed developers to remove their app if it doesn't really help users with the app experience.
Two banking Trojans, Qakbot and Emotet, have recently shown a rise in activity, according to a recent report by Microsoft. It is now also infecting small to large businesses aside from home users.
Sources have revealed that hackers are using emails that promise fake Game of Thrones spoilers to lure viewers into downloading malware which installs a remote access Trojan on their systems.
A vulnerability in Windows OLE is being exploited by cybercriminals. The attack makes use of an innocuous-looking PowerPoint attachment, which in turn downloads malware to spy on users.
Marcus Hutchins, the security researcher who first discovered the WannaCry kill switch, has been arrested by the FBI in Las Vegas over his alleged involvement in the creation of another malware.
An Android Trojan was recently found to be updated with a keylogger and capability to take advantage of the OS's accessibility feature, which can be used to display phishing links and steal data.
Security researchers at ESET have found a rogue app which forces users to give it a 5-star review in order for the content to work and to stop ads. However, this was found to be illegitimate.
A new Android malware has been discovered, which cloaks itself as a Flash player update. If a user falls for it, more malicious software will be downloaded, which will spy on unsuspecting users.
The updated malware not only made it onto the Google Play store, but has been downloaded 'several million times' as part of specially crafted applications designed to infect a user's device.
The company's security engineers detailed some of the protocols designed to keep Android users safe. The company explained how it keeps a close eye on devices and apps even when they're infected.
An infamous disk-wiping malware called KillDisk is now functioning as ransomware. It will demand a surprisingly steep amount of 222 bitcoins, or equal to almost $215,000 to unlock infected files.
Security research firm Doctor Web has revealed a list of cheap Android smartphones which were found to contain trojans that display ads and could download other apps in the background.
An Android Trojan called Gugi bypasses new security features implemented in Marshmallow. It will superimpose itself over other apps, and it will request for permission to make calls and send messages.
A new spam email supposedly containing a clip of presidentiable Hillary Clinton meeting with ISIS' leader is spreading on the internet. However, it only contains malware to infect the recipient.
Trend Micro has detected a malvertising campaign against web users in Japan. It turns out that the ads were using a certificate issued by Let's Encrypt. The ads led to sites which would infect PCs.
Popular BitTorrent client uTorrent is being flagged as harmful software by anti-virus vendors, and blocked by Google, apparently due to concerns over third-party software bundled with the torrent app.
A new type of Facebook hoax is currently circulating on the website. People are tagged in an alleged video, which upon opening is a malware hosting website, that can infect a wide range of devices.
With all the ruckus on "The Interview," cyber criminals took advantage of the moment as they have created an app claiming to download the movie. Instead, a Trojan is waiting to attack host devices.
A highly evasive trojan named 'Citadel' is now attacking password managers. It can bypass most threat detection systems to access sensitive data without the user knowing making it highly dangerous.
Symantec has found that a seemingly organized group of hackers, nicknamed Dragonfly, has been infiltrating energy providers by using trojans and phishing techniques. The group has yet to be caught.
A security firm warns that low-cost Android handsets are being sold via sites such as Amazon with malware baked into their firmware, blocking security updates and sending user data to Chinese servers.
Microsoft's malware protection team has found evidence of a new Trojan that can basically delete its own files so that it becomes much harder to detect, but Microsoft managed to find it anyway.
We all know 'em, and we all hate 'em: viruses, worms, trojans, spyware, and malware of any kind. From their origins in science fiction to Flame, Trivia Tuesday delves into your security nightmares.
