With 2.5 billion users worldwide, Google’s YouTube is undoubtedly the most popular video platform on the planet. And not just with legitimate users. I recently reported how hackers were going after YouTube creator accounts as part of an ongoing credential-stealing attack. Now, according to newly published security research, it appears that the threat has evolved with attackers using YouTube […]
Researchers analyzed new versions of the Banshee macOS Stealer sample that initially evaded detection by most antivirus engines, as analysis revealed that the malware employed a unique string encryption technique. The encryption method was identical to that used by Apple’s XProtect antivirus engine for encrypting YARA rules within its binaries. By leveraging this shared encryption algorithm, Banshee […]
A newly published analysis has revealed that, across the whole of 2024, click-attacks all but tripled compared to the year before. Forget the recent warning for Chrome, Edge and Safari browsers not to double-click; all email users should now consider not clicking at all. Here’s what Gmail, Outlook and Apple Mail users need to know. A […]
Acronyms aren’t unique to cybersecurity, but they’ve become a hallmark of how we communicate with each other. Do we really need to be adding this layer of complexity to an industry which is already complex? Or are they just making our devs more depressed? Let’s make security accessible and actionable. The cybersecurity industry is seeing record […]
Google’s managed defense team, working to empower the Google security operations community, has published a technical deep-dive into a confirmed malware threat that acts as a backdoor supporting commands involving supports commands keylogging, screen capture, audio capture, remote shell and file transfer as well as file execution. The malware, known as playfulghost, has been observed […]
Health care organizations may be required to bolster their cybersecurity to better prevent sensitive information from being leaked by cyberattacks like the ones that hit Ascension and UnitedHealth, a senior White House official said Friday. Anne Neuberger, the U.S. deputy national security adviser for cyber and emerging technology, told reporters that proposed requirements are necessary […]
Hackers leveraged Microsoft Teams to manipulate a victim into granting remote access to their system. The attack, analyzed by Trend Micro, highlights the growing sophistication of social engineering tactics used by cybercriminals. The attack began with a flood of phishing emails targeting the victim. Shortly after, the attacker initiated a Microsoft Teams call, posing as an employee […]
Although little is known, in truth, about a cybercriminal actor employing what has become known as the Cloak ransomware threat, the group has risen rapidly to gain status as a significant player in the ransomware landscape since first emerging in 2022. Threat researchers at Halcyon have now analyzed the Cloak ransomware threat and uncovered a new […]
Doughnut chain Krispy Kreme says it has been hit by a cyberattack which has disrupted its online systems. Some customers in the US have been unable to make online orders as a result of the hack, which occurred in late November but has only just been disclosed. Krispy Kreme revealed the attack in a regulatory […]
The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since early October 2024. “Users within the target environment will be email bombed by the threat actor, which is often achieved by signing up the user’s email to numerous mailing lists […]