This is an old piece of malware—the Chameleon Android banking Trojan—that now disables biometric authentication in order to steal the PIN : The second notable new feature is the ability to interrupt biometric operations on the device, like fingerprint and face unlock, by using the Accessibility service to …
Enlarge (credit: Tero Vesalainen ) Researchers on Wednesday presented intriguing new findings surrounding an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky. Chief among the discoveries: the unknown attackers were able to achieve an unprecedented …
Enlarge / A woman scans a QR code in a café to see the menu online. The US Federal Trade Commission has become the latest organization to warn against the growing use of QR codes in scams that attempt to take control of smartphones, make fraudulent charges, or obtain personal …
Enlarge Stealthy and multifunctional Linux malware that has been infecting telecommunications companies went largely unnoticed for two years until being documented for the first time by researchers on Thursday. Researchers from security firm Group-IB have named the remote access trojan “Krasue,” after a nocturnal spirit depicted in Southeast Asian …
Enlarge (credit: Getty Images) Hundreds of Windows and Linux computer models from virtually all hardware makers are vulnerable to a new attack that executes malicious firmware early in the boot-up sequence, a feat that allows infections that are nearly impossible to detect or remove using current defense mechanisms. The …
A new worm that spreads via USB sticks is infecting computers in Ukraine and beyond. The group—known by many names, including Gamaredon, Primitive Bear, ACTINIUM, Armageddon, and Shuckworm—has been active since at least 2014 and has been attributed to Russia’s Federal Security Service by the Security …
Enlarge (credit: Getty Images) Highly invasive malware targeting software developers is once again circulating in Trojanized code libraries, with the latest ones downloaded thousands of times in the last eight months, researchers said Wednesday. Since January, eight separate developer tools have contained hidden payloads with various nefarious capabilities, security …
Gene Spafford wrote an essay reflecting on the Morris Worm of 1988—35 years ago. His lessons from then are still applicable today. [...]
Enlarge (credit: Miragec/Getty Images) Google has been caught hosting a malicious ad so convincing that there’s a decent chance it has managed to trick some of the more security-savvy users who encountered it. Screenshot of the malicious ad hosted on Google. (credit: Malwarebytes) Looking at the ad …
Online voting is insecure, period. This doesn’t stop organizations and governments from using it. (And for low-stakes elections, it’s probably fine.) Switzerland—not low stakes—uses online voting for national elections. Andrew Appel explains why it’s a bad idea: Last year, I published a 5-part series …
Malicious ads are creeping into chatbots. [...]
Enlarge Researchers have discovered a never-before-seen backdoor for Linux that’s being used by a threat actor linked to the Chinese government. The new backdoor originates from a Windows backdoor named Trochilus, which was first seen in 2015 by researchers from Arbor Networks, now known as Netscout. They said …
Enlarge / Gamblers and hotel guests at MGM casinos on the Las Vegas Strip, including the Bellagio, were affected by the security breach. (credit: Ethan Miller/Getty Images) A cyber criminal gang proficient in impersonation and malware has been identified as the likely culprit for an attack that paralized networks …
Enlarge / A digital Trojan horse. (credit: Getty Images | posteriori) A download site surreptitiously served Linux users malware that stole passwords and other sensitive information for more than three years until it finally went quiet, researchers said on Tuesday. The site, freedownloadmanager[.]org, offered a benign version of a Linux …
Citizen Lab discovers alleged attack using ‘zero-click exploit’ on individual employed by DC organization An individual employed by a Washington DC-based organization with international offices was targeted with powerful hacking software made by NSO Group, researchers have claimed, raising new concerns about the proliferation of spyware that can infect …
Enlarge / Ukrainian soldiers. (credit: Getty Images) Russia’s military intelligence unit has been targeting Ukrainian Android devices with “Infamous Chisel,” the tracking name for new malware that’s designed to backdoor devices and steal critical information, Western intelligence agencies said on Thursday. “Infamous Chisel is a collection of components …
Enlarge (credit: Getty Images) Security researchers have unearthed a rare malware find: malicious Android apps that use optical character recognition to steal credentials displayed on phone screens. The malware, dubbed CherryBlos by researchers from security firm Trend Micro, has been embedded into at least four Android apps available outside …
Enlarge (credit: Getty Images) Hackers are using open source software that’s popular with video game cheaters to allow their Windows-based malware to bypass restrictions Microsoft put in place to prevent such infections from occurring. The software comes in the form of two software tools that are available on …
Enlarge (credit: Getty Images) Researchers have discovered previously unknown Mac malware infecting a cryptocurrency exchange. It contains a full suite of capabilities, including the ability to steal private data and download and execute new malicious files. Dubbed JokerSpy, the malware is written in the Python programming language and makes …
Enlarge (credit: Getty Images) Hackers working for Russia’s Federal Security Service have mounted multiple cyberattacks that used USB-based malware to steal large amounts of data from Ukrainian targets for use in its ongoing invasion of its smaller neighbor, researchers said. “The sectors and nature of the organizations and …
Kaspersky is reporting a zero-click iOS exploit in the wild: Mobile device backups contain a partial copy of the filesystem, including some of the user data and service databases. The timestamps of the files, folders and the database records allow to roughly reconstruct the events happening to the device …
Enlarge (credit: Getty Images) A platform that provides plugin software for the wildly popular Minecraft game is advising users to immediately stop downloading or updating mods after discovering malware has been injected into dozens of offerings it makes available online. The mod-developer accounts were hosted by CurseForge, a platform …
Enlarge Smartphone malware sold to governments around the world can surreptitiously record voice calls and nearby audio, collect data from apps such as Signal and WhatsApp, and hide apps or prevent them from running upon device reboots, researchers from Cisco’s Talos security team have found. An analysis Talos …
Enlarge / Cybercriminals or anonymous hackers use malware on mobile phones to hack personal and business passwords online. (credit: Getty Images) Overall, Android devices have earned a decidedly mixed reputation for security. While the OS itself and Google's Pixels have stood up over the years against software exploits, the never-ending …
Reuters is reporting that the FBI “had identified and disabled malware wielded by Russia’s FSB security service against an undisclosed number of American computers, a move they hoped would deal a death blow to one of Russia’s leading cyber spying programs.” The headline says that the FBI …