2021 was the most prolific year on record for data breaches
Spirion released a guide which provides a detailed look at sensitive data breaches in 2021 derived from analysis conducted against the Identity Theft Resource Center (ITRC) …
Highly Evasive Adaptive Threats (HEAT) bypassing traditional security defenses
Menlo Security announced it has identified a surge in cyberthreats, termed Highly Evasive Adaptive Threats (HEAT), that bypass traditional security defenses. HEAT attacks are …
Stealthy Excel malware putting organizations in crosshairs of ransomware gangs
The HP Wolf Security threat research team identified a wave of attacks utilizing Excel add-in files to spread malware, helping attackers to gain access to targets, and …
Malware resets Android devices after performing fraudulent wire transfers
If your Android phone initiates a factory reset out of the blue, there’s a chance it has been infected with the BRATA banking malware and you’ve just been ripped …
DazzleSpy: macOS backdoor delivered through watering hole attacks
In late 2021, a never before seen macOS backdoor was delivered to pro-democracy individuals in Hong Kong via fake and compromised sites (for example, that of local radio …
Beware of fake tax apps pushing malware
With the self-assessment tax deadline fast approaching in the UK, self-employed individuals will be looking to take advantage of the many apps that are on the market to help …
Stealthy firmware bootkit leveraged by APT in targeted attacks
Kaspersky researchers have uncovered the third known case of a firmware bootkit in the wild. Dubbed MoonBounce, this malicious implant is hidden within Unified Extensible …
Endpoint malware and ransomware detections hit all-time high
Endpoint malware and ransomware detections surpassed the total volume seen in 2020 by the end of Q3 2021, according to researchers at the WatchGuard Threat Lab. In its latest …
VirusTotal Hacking: Finding stolen credentials hosted on VirusTotal
VirusTotal, the popular online service for analyzing suspicious files, URLs and IP addresses, can be used to collect credentials stolen by malware, researchers at SafeBreach …
Ukraine: Wiper malware masquerading as ransomware hits government organizations
In the wake of last week’s attention-grabbing defacements of many Ukrainian government websites, Microsoft researchers have revealed evidence of a malware operation …
Delivering vulnerable signed kernel drivers remains popular among attackers
ESET researchers took an in-depth look into the abuse of vulnerable kernel drivers. Vulnerabilities in signed drivers are mostly utilized by game cheat developers to …
How safe are cloud applications?
Netskope released a research highlighting the continued growth of malware and other malicious payloads delivered by cloud applications. The year-over-year analysis identifies …