Short-form video platforms like TikTok and Instagram Reels have become the latest way cybercriminals spread malware.
We’ve already seen attackers move away from traditional phishing emails and toward tactics that trick people into installing malware themselves. Now they’re being lured with slick social media videos that promise free Spotify Premium, free Windows activation, or free Microsoft Office, but instead leave people with infostealers on their Windows devices.
Read more…
Source: MalwareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Finastra Notifies Customers of Data Breach
February 19, 2025
British financial technology firm Finastra has notified customers impacted by a data breach that occurred over three months ago. Between October 31 and November 8, 2024, an unauthorized third party accessed the company’s secure file transfer platform (SFTP), used to share files with customers. Although the breach was detected on November 7, and the company acknowledged ...
- Spam and phishing in 2024
February 19, 2025
In 2024, cybercriminals targeted travel enthusiasts using fake hotel and airline booking websites. In one simple scheme, a fraudulent site asked users to enter their login credentials to complete their booking — these credentials ended up in criminal hands. Sometimes, the fake login form appeared under multiple brand names at once (for example, both Booking ...
- Multiple Vulnerabilities Discovered in NVIDIA CUDA Toolkit
February 19, 2025
This article reviews nine vulnerabilities Palo Alto researchers recently discovered in two utilities called cuobjdump and nvdisasm, both from NVIDIA’s Compute Unified Device Architecture (CUDA) Toolkit. The researchers have coordinated with NVIDIA, and the company has released an update in February 2025 to address these issues. The vulnerabilities are tracked as the following Common Vulnerabilities and ...
- Philippines reports foreign cyber intrusions targeting intelligence data, but no breaches
February 18, 2025
The Philippines has detected foreign attempts to access intelligence data, but its cyber minister said on Tuesday no breaches have been recorded so far. Attempts to steal data are wide-ranging, said minister for information and communications Ivan Uy. Advanced Persistent Threats or APTs have repeatedly attempted but failed to infiltrate government systems, suggesting the country’s cyber-defences ...
- StaryDobry ruins New Year’s Eve, delivering miner instead of presents
February 18, 2025
On December 31, cybercriminals launched a mass infection campaign, aiming to exploit reduced vigilance and increased torrent traffic during the holiday season. Kaspersky telemetry detected the attack, which lasted for a month and affected individuals and businesses by distributing the XMRig cryptominer. This previously unidentified actor is targeting users worldwide—including in Russia, Brazil, Germany, Belarus and ...
- 50,000 electronic attacks countered daily by UAE Cybersecurity Council
February 17, 2025
Dr. Mohammed Hamad Al Kuwaiti, Chairman of the UAE Cybersecurity Council, stated that the UAE possesses an advanced cybersecurity system capable of predicting and countering most electronic attacks before they occur. He noted that the average daily cyberattacks on key sectors exceeds 50,000, all of which are proactively deterred and mitigated. In statements to the Emirates ...