Researchers have discovered a new Remcos RAT campaign that uses an AutoIt wrapper to deliver a previously unknown variant featuring new obfuscation and anti-debugging techniques. Trend Micro uncovered the threat last July after encountering a phishing email that was disguised as an order notification, but actually contained an attachment that delivered the RAT. “The email…
Hacking online forum Cracked.to last July suffered a data breach at the hands of one of its rival communities, resulting in the compromise of roughly 321,000 members, breach reference website site “Have I Been Pwned?” reported this week. The breach resulted in a public doxxing that exposed a database containing 749,161 email accounts, as well…
Google Project Zero researcher Tavis Ormandy yesterday disclosed a series of 20-year-old flaws in Microsoft’s CTF protocol that could allow unauthorized parties to take over applications that use said protocol. According to Ormandy’s blog post and technical analysis, the flaw is specifically found in the msctf subsystem, which is a component of the Text Services…
A cybercriminal operation that’s been targeting France since May is attempting to distribute malware capable of recording the screens of victims who visit pornographic websites. In other cases, the malware sends out spam emails that merely intend to trick victims into believing their web sessions were recorded while they watched porn, even though they were…
Cisco Systems issued a series of security updates on Aug. 6 and 7, in the process disclosing 26 vulnerabilities, including two critical ones found in its Small Business 220 Series Smart Switches. The two most serious bugs consist of a remote code execution flaw (CVE-2019-1913) and an authentication bypass vulnerability (CVE-2019-1912) in the aforementioned switches,…
Two related ad fraud malware programs, recently discovered in 34 trojanized Android applications, have already been downloaded roughly 102 million times from the Google Play store, researchers reported. Dubbed Android.Click.312.origin and Android.Click.313.origin, the malicious clicker trojans appear to be designed primarily to sign users up for paid premium services without their consent, according to a…
First American Financial Corp. is reportedly the subject of a U.S. Securities and Exchange Commission investigation, following the discovery of a website defect that left 885 million documents exposed to the public. Earlier this year, the financial services company’s website was found to have allowed anyone with a web browser and a URL for a…
Apple is drastically overhauling its bug bounty program, eliminating its invitation-only status, increasing its rewards, expanding it to include MacOS and other operating systems, and even agreeing to supply qualified researchers with special iPhones that are easier to probe for vulnerabilities. Apple’s head of security engineering Ivan Krstic announced these changes last week at the…
Researchers have discovered a new remote access trojan that rummages through an infected device’s Chrome browser history to determine which websites the user has visited, allowing adversaries to formulate an optimal attack strategy based on that information. Dubbed Saefko, the RAT looks for at least 70 different websites affiliated with credit cards, at least 26…
The Black Hat conference in Las Vegas reunited three important figures in the history of famed 35-year-old hacking group Cult of the Dead Cow (cDc), including one member who made his first-ever appearance under his actual name. But the real name-dropping began when the group members shared their thoughts on another former member, Democratic presidential…
