Don’t be fooled by a pretty icon, malicious apps hide in plain sight
Apps, whether for communication, productivity or gaming, are one of the biggest threats to mobile security, according to McAfee. The end of 2022 saw the release of some …
Covert cyberattacks on the rise as attackers shift tactics for maximum impact
2022 was the second-highest year on record for global ransomware attempts, as well as an 87% increase in IoT malware and a record number of cryptojacking attacks (139.3 …
Wiper malware goes global, destructive attacks surge
The threat landscape and organizations’ attack surface are constantly transforming, and cybercriminals’ ability to design and adapt their techniques to suit this evolving …
Users looking for ChatGPT apps get malware instead
The massive popularity of OpenAI’s chatbot ChatGPT has not gone unnoticed by cyber criminals: they are exploiting the public’s eagerness to experiment with it to …
Most vulnerabilities associated with ransomware are old
Researchers identified 56 new vulnerabilities associated with ransomware threats among a total of 344 threats identified in 2022 – marking a 19% increase year-over-year. …
Malware that can do anything and everything is on the rise
“Swiss Army knife” malware – multi-purpose malware that can perform malicious actions across the cyber-kill chain and evade detection by security controls – is on …
Novel face swaps emerge as a major threat to biometric security
Digital identities are rapidly becoming more widely used as organizations’ and governments’ digital transformation projects mature and users demand more remote accessibility …
A glut of wiper malware hits Ukrainian targets
ESET researchers have discovered yet another wiper malware used to target Ukrainian organizations. Dubbed SwiftSlicer, it is thought to be wielded by the Sandworm APT. …
What makes small and medium-sized businesses vulnerable to BEC attacks
According to the FBI’s 2021 Internet Crime Report, business email compromise (BEC) accounted for almost a third of the country’s $6.9 billion in cyber losses that year – …
A closer look at malicious packages targeting Python developers
In this Help Net Security video, Carlos Fernandez, Security Researcher at Sonatype, talks about how their AI system caught packages that attack Python developers with a unique …
Google ads increasingly pointing to malware
The FBI has recently warned the public about search engine ads pushing malware diguised as legitimate software – an old tactic that has lately resulted in too many …
CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie
The attackers who pulled off the recent breach of continuous integration and continuous delivery (CI/CD) platform maker CircleCI got in by compromising an engineer’s …