Last seen in August 2021, Zloader, a banking malware designed to steal user credentials and private information, is back with a simple yet sophisticated infection chain. Previous Zloader campaigns, which were seen in 2020, used malicious documents, adult sites and Google ads to infect systems.
Evidence of the new campaign was first seen around early November 2021. The techniques incorporated in the infection chain include the use of legitimate remote management software (RMM) to gain initial access to the target machine.
A flaw in Apple's software exploited by Israeli surveillance firm NSO Group to break into iPhones in 2021 was simultaneously abused by a competing company, according to five people familiar with the matter.
A series of reports into how the Israeli police spied on their own citizens has finally grabbed everyone’s attention – and nowhere more so than among Benjamin Netanyahu’s loyal followers
On January 4, 2022, the Wordfence Threat Intelligence team began the responsible disclosure process for several Remote Code Execution vulnerabilities in PHP Everywhere, a WordPress plugin installed on over 30,000 websites. One of these vulnerabilities allowed any authenticated user of any level, even subscribers and customers, to execute code on a site with the plugin ...Read More
Adobe on Sunday rolled out patches to contain a critical security vulnerability impacting its Commerce and Magento Open Source products that it said is being actively exploited in the wild.
Last year was another record setter for our Vulnerability Reward Programs (VRPs). Throughout 2021, we partnered with the security researcher community to identify and fix thousands of vulnerabilities – helping keep our users and the internet safe.
A previously unreported threat actor has been targeting civil society for over a decade. Read about how it operates and its relationships to other threats.
Disappointed with the lack of US response to the Hermit Kingdom's attacks against US security researchers, one hacker took matters into his own hands.
A vast location-tracking network is being built around us so we don’t lose our keys: One couple’s adventures in the consumer tech surveillance state.
Free Maze / Sekhmet / Egregor ransomware decryptor by Emsisoft. Unlock your files without paying the ransom.
Hello, Its developer. It was decided to release keys to the public for Egregor, Maze, Sekhmet ransomware families.
also there is a little bit harmless source code of polymorphic x86/x64 modular EPO file infector m0yv detected in the wild as Win64/Expiro virus, but it is not expiro actually, but AV engines detect it like this, so no single thing in common with...
A decryptor has been released for the Maze, Sekhmet, and Egregor ransomware after someone published the master decryption keys in a BleepingComputer forum post.
Reputation firms like Eliminalia use legal threats and copyright notices to have material taken down around the world.
This is a list of the most common passwords, discovered in various data breaches. Common passwords generally are not recommended on account of low password strength
I'm running MacOS Monterey. Several times in the last few weeks, I've noticed the orange dot indicating the microphone is being used by an app, and I click on the Control Center and see that Zoom is accessing the microphone. I'm not in a meeting and simply have the Zoom app open. Why would Zoom be accessing the microphone when I'm not in a meeting?
Recently, there has been a resurgence of malware that is spread via Microsoft Word macro capabilities....
We’re happy to announce the public release of esmat, a new free & open-source tool. esmat is a command-line app for macOS that allows you to explore the behavior of Apple’s Endpoint Security framework.
The Qualys Research Team has discovered a memory corruption vulnerability in polkit's pkexec, a SUID-root program that is installed by default on every major…
Changing Default Behavior
We’re introducing a default change for five Office apps that run macros:
VBA macros obtained from the internet will now be blocked by default.
