Astaroth Spy Trojan Uses Facebook, YouTube Profiles to Cover Tracks

Facebook and YouTube profiles are at the heart of an ongoing phishing campaign spreading the Astaroth trojan, bent on the eventual exfiltration of sensitive information. The attack is sophisticated in that it uses normally trusted sources as cover for malicious Read More …

Uncovering IoT Threats in the Cybercrime Underground

Amid the growth of the internet of things (IoT), manufacturers and integrators are testing the limits of how the technology can be applied, as seen in how new forms of connected devices are hitting the market. Some applications play critical Read More …

Thrip: Ambitious Attacks Against High Level Targets Continue

Symantec’s Targeted Attack Analytics uncovers new attack campaigns in South East Asia. Since Symantec first exposed the Thrip group in 2018, the stealthy China-based espionage group has continued to mount attacks in South East Asia, hitting military organizations, satellite communications operators, Read More …

‘Purple Fox’ Fileless Malware with Rookit Component Delivered by Rig Exploit Kit Now Abuses PowerShell

Exploit kits may no longer be as prolific as it was back when their activities were detected in the millions, but their recurring activities in the first half of 2019 indicate that they won’t be going away any time soon. The Rig exploit kit, for Read More …

Newly discovered cyber-espionage malware abuses Windows BITS service

Security researchers have found another instance of a malware strain abusing the Windows Background Intelligent Transfer Service (BITS). The malware appears to be the work of a state-sponsored cyber-espionage group that researchers have been tracking for years under the name Read More …

China’s APT3 Pilfers Cyberweapons from the NSA

Large portions of APT3’s remote code-execution package were likely reverse-engineered from prior attack artifacts. The advanced persistent threat (APT) group known as APT3, which researchers across the board link to the Chinese government, has built a full in-house battery of exploits Read More …

A Chinese APT is now going after Pulse Secure and Fortinet VPN servers

A group of Chinese state-sponsored hackers is targeting enterprise VPN servers from Fortinet and Pulse Secure after details about security flaws in both products became public knowledge last month. The attacks are being carried out by a group known as Read More …

Hackers exploiting popular social engineering ‘toolkits’ to refine cyber attacks

Hackers are regularly using highly customisable online resources to add social engineering components to render their attacks more effective, according to new research from Malwarebytes. One website identified by the team features an expansive toolkit that has drawn more than 100,000 visits in Read More …

Fraudsters use AI voice manipulation to steal £200,000

Cyber criminals have used artificial intelligence (AI) and voice technology to impersonate a UK business owner, resulting in the fraudulent transfer of $243,000 (£201,000). In March this year, what is believed to be an unknown hacker group is said to have exploited Read More …