Threat actors are still taking advantage of the ongoing COVID-19 global outbreak by attempting to drop Remcos RAT and malware payloads on their targets' computers via malicious files that promise to provide Coronavirus safety measures. Yoroi researchers recently spotted a suspicious CoronaVirusSafetyMeasures_pdf.exe executable after it was submitted to their free Yomi Hunter sandbox-based file analysis service.
Clearview AI, the controversial facial recognition startup that's gobbled up more than three billion of our photos by scraping social media sites and any other publicly accessible nook and cranny it can find, has lost its entire list of clients to hackers - including details about its many law enforcement clients. In a notification that The Daily Beast reviewed, the company told its customers that an intruder "gained unauthorized access" to its list of customers.
The Financial Conduct Authority (FCA) has admitted that it mistakenly published the personal information of people who had filed complaints against it, including names and contact details, on its website. The data of approximately 1,600 users who complained about the UK's financial regulator was published on its own website in November 2019, including their names, the status of the complaint, and the company they represent.
Security researchers have spotted an ongoing malspam campaign using emails disguised as messages from secret lovers to deliver Nemty Ransomware payloads on the computers of potential victims. The spam campaign was identified by both Malwarebytes and X-Force IRIS researchers and started distributing malicious messages yesterday via a persistent stream of emails. The attackers use several subject lines that hint at the contents of the email being sent by someone the recipient already knows.
Cybercriminals behind a recently observed phishing campaign used a clever ruse in the form of a bogus NortonLifelock document to fool victims into installing a remote access tool (RAT) that is typically used for legitimate purposes. The malicious activity has the hallmarks of a seasoned threat actor familiar with evasion techniques and offensive security frameworks that help install the payload.
An Android malware strain is now capable of stealing one-time passcodes (OTP) from the popular Google Authenticator app, security researchers have warned. According to a report published this week by ThreatFabric, the Cerberus Trojan virus has been restructured and enhanced with the ability to steal multi-factor authentication (2FA) tokens from the Google Authenticator application.