New MetaStealer malware targets macOS systems
A new MetaStealer malware that attempts to steal sensitive information is currently actively targeting Intel-based macOS systems. Sensitive information for Meta and Telegram services are particularly targeted.
According to SentinelOne researchers, the Go-based new MetaStealer malware developed i... Read more
Hackers figure out your computer’s location via malware Whiffy Recon
Hackers can accurately determine your location with the new malware Whiffy Recon. The data can potentially be used as leverage to let victims fulfil the hacker's wishes.
The new malware Whiffy Recon searches for a computer's location. Researchers from Secureworks first encountered the malware i... Read more
Lazarus hackers use open-source tools for malware infection
North Korean hackers from Lazarus have launched two new sophisticated attacks. Their methods rely on open-source tools and frameworks to install malware, Cisco research has shown.
According to the researchers, the hackers from the Lazarus group, known for the notorious WannaCry ransomware attack... Read more
Malvertising is becoming an increasingly dangerous form of cybercrime
Malware is increasingly being spread through fraudulent ads, a practice known as malvertising. Full-page promises of large cash prizes attract unwitting victims, as do ads that have already shipped malicious software as soon as the user sees them.
Malware spreading through merely seeing banner a... Read more
New infostealer for Windows is hiding in web browsers
Researchers at Zscaler ThreatLabz have discovered a new infostealer family for Windows systems: Stact Stealer. The sophisticated malware poses as an authentic Google ad.
According to Zscaler security researchers, the infostealer seeks access to victims' Windows systems by impersonating an authen... Read more
WinRAR contains severe vulnerability, patch available
WinRAR users, without a patch, are vulnerable to CVE-2023-40477, a serious software flaw. The bug allows attackers to execute code on the victim's machine after the latter opens a file.
The vulnerability appears to be a result of an incomplete validation step during recovery volume processing. T... Read more
Chrome can now take down malware masquerading as an extension
Google is currently testing a browser feature that alerts users when an installed extension has been removed from the Chrome Web Store, something that often indicates it is malware.
BleepingComputer reports that the Chrome Web Store is constantly flooded with unwanted browser extensions publishe... Read more
AI tools aid cybercrime: hackers are experimenting in numerous ways
Research by Mandiant shows that cybercriminals are eager to turn to AI, even if its usefulness is limited for now. Fake photos, audio and coding help for malware are among the possibilities, with varying degrees of success for the hackers in question.
In late April, RSA CEO Rohit Ghai said that ... Read more
MacOS malware detection tool proves easy to bypass
The Background Task Management tool built into macOS to thwart malware turns out not to perform its function very well. This was revealed by Mac security researcher Patrick Wardle during a Defcon-31 presentation in Las Vegas.
Since late 2022, Apple has built the Background Task Management tool i... Read more
Cybercriminals entice victims to install rogue beta apps
Cybercriminals are increasingly trying to trick victims into installing malicious apps that are supposedly in a beta phase. These are mainly fake cryptocurrency apps, the FBI warns.
According to the U.S. investigative agency, cybercriminals are increasingly trying to trick victims into installin... Read more