A version of TrickBot spotted recently shows interest in data that is peculiar for the normal scope of banking trojans: the Windows system reliability and performance information.
Web developers can use the SpeechSynthesis API to convert text on a web page into synthesized audio speech. While this feature is great for accessibility and audio queues, it is being abused by advertisements and low quality/scammy web sites.
This week we had some new variants of common ransomware infections such as Dharma and Matrix. Otherwise, it has predominantly been small variants that were either created as a test or have minimal distribution.
A new tech support scam trick is underway that utilizes Facebook's Sharer dialog to scare a user into thinking that their Facebook account has an issue. The scammers then hope that the user will be scared into calling the listed phone number.
A person or group claiming to have hacked ProtonMail and stolen "significant" amounts of data has posted a lengthy ransom demand with some wild claims to an anonymous Pastebin. ProtonMail states it's complete BS.
A bug in the way Gmail handles the structure of the 'from:' header allows placing of an arbitrary email address in the sender field.
Mozilla's has added a new feature to their desktop Quantum Browser that displays a warning from Firefox Monitor when visiting a site that previously had a data breach. These warnings are designed to alert people about possible concerns and to suggest they check their email to see if it was part of the breach.
Adversaries looking for an easy way to mine for cryptocurrency are actively targeting publicly exposed Docker services. They use a malicious script capable to scan the network in search of vulnerable hosts and compromise them.
iPhone X, Samsung Galaxy S9, and Xiaomi Mi6 all fell at the hands of hackers that found bugs in various components and crafted exploits that allowed complete take over of the targeted device.
A MageCart credit card skimming attack has been discovered on the online store for the Infowars web site. Visitors who purchased anything on the store while the malicious code was present, would have had their payment information sent to the attacker's server in Lithuania.
Southeast Asia is the most actively attacked region, accordingly to Cyber Security firm, Group-IB. Their annual Hi-Tech Crime Trends Report 2018 advises: "In just one year, 21 state-sponsored groups were detected in this area, which is more than in the United States and Europe."
A zero-day vulnerability in certain editions of Windows operating system helped at least one advanced threat group increase their privileges on compromised machines until Microsoft patched it with this month's release of security updates.
The security posture of the Office of Personnel Management has improved drastically and by the end of the year, the agency is on track to meeting almost all recommendations the US Government Accountability Office (GAO) made over the past two years. Full compliance is expected by the end of 2019.
Adobe has published their monthly Patch Tuesday updates for the month of November 2018. These updates are for Flash Player, Adobe Acrobat and Reader, and Photoshop CC.
Today is Microsoft's November 2018 Patch Tuesday, which means we get a ton of security updates to install for Windows and other Microsoft products. As these updates are commonly exploited by attackers, malware, and exploit kits, it is strongly advised that all users install these updates as soon as possible.
Services from Google on Monday became unavailable for up to two hours as user traffic followed a tortuous path through operators in Russia and Nigeria before hitting the Great Firewall of China.
The HookAds malvertising campaign has been active lately and redirecting visitors to the Fallout Exploit Kit. Once the kit is activated, it will attempt to exploit known vulnerabilities in Windows to install different malware such as the DanaBot banking Trojan, the Nocturnal information stealer, and GlobeImposter ransomware.
The Intel Microcode Boot Loader creates a bootable USB flash drive that automatically applies the latest Intel microcodes to your identified CPU so that you are protected from the speculative execution side-channel attacks called Spectre.
This past April, Cloudflare and APNIC released a new 18.104.22.168 public DNS resolver service whose goal was not only to make looking up Internet addresses faster, but also make them more private. Today, Cloudflare has released a 22.214.171.124 app for Android and iOS to easily bring these same features to your mobile devices.