Threat Actors Blanket Androids with Flubot, Teabot Campaigns
Attackers are getting creative, using smishing & a malicious Google Play QR reader to plant banking trojans on the phones of victims across the globe.
Malware
Segway Hit by Magecart Attack Hiding in a Favicon
Visitors who shopped on the company’s eCommerce website in January will likely find their payment-card data heisted, researchers warned.
MacOS Malware ‘DazzleSpy’ Used in Watering-Hole Attacks
A pro-democracy Hong Kong site was used to launch watering-hole attacks that planted a powerful macOS backdoor that researchers dubbed DazzleSpy.
A critical security bug and a months-long, ongoing supply-chain attack spell trouble for WordPress users.
Researchers identify three new versions of the banking trojan that include various new features, including GPS tracking and novel obfuscation techniques.
State-sponsored cyberattackers are using Google Drive, Dropbox and other legitimate services to drop spyware on Middle-Eastern targets and exfiltrate data.
QR codes have become a go-to staple for contactless transactions of all sorts during the pandemic, and the FBI is warning cybercriminals are capitalizing on their lax security to steal data and money, and drop malware.
The ‘DTPacker’ downloader used fake Liverpool Football Club sites as lures for several weeks, a report finds.
Court rules ‘War or Hostile Acts’ exclusion doesn’t apply to the pharma giant’s 2017 cyberattack.
The brief spearphishing campaigns spread malware and use compromised networks to steal credentials that can be sold or used to commit financial fraud.
