With 2.5 billion users worldwide, Google’s YouTube is undoubtedly the most popular video platform on the planet. And not just with legitimate users. I recently reported how hackers were going after YouTube creator accounts as part of an ongoing credential-stealing attack. Now, according to newly published security research, it appears that the threat has evolved with attackers using YouTube […]
Researchers analyzed new versions of the Banshee macOS Stealer sample that initially evaded detection by most antivirus engines, as analysis revealed that the malware employed a unique string encryption technique. The encryption method was identical to that used by Apple’s XProtect antivirus engine for encrypting YARA rules within its binaries. By leveraging this shared encryption algorithm, Banshee […]
A newly published analysis has revealed that, across the whole of 2024, click-attacks all but tripled compared to the year before. Forget the recent warning for Chrome, Edge and Safari browsers not to double-click; all email users should now consider not clicking at all. Here’s what Gmail, Outlook and Apple Mail users need to know. A […]
Acronyms aren’t unique to cybersecurity, but they’ve become a hallmark of how we communicate with each other. Do we really need to be adding this layer of complexity to an industry which is already complex? Or are they just making our devs more depressed? Let’s make security accessible and actionable. The cybersecurity industry is seeing record […]
Google’s managed defense team, working to empower the Google security operations community, has published a technical deep-dive into a confirmed malware threat that acts as a backdoor supporting commands involving supports commands keylogging, screen capture, audio capture, remote shell and file transfer as well as file execution. The malware, known as playfulghost, has been observed […]
Hackers leveraged Microsoft Teams to manipulate a victim into granting remote access to their system. The attack, analyzed by Trend Micro, highlights the growing sophistication of social engineering tactics used by cybercriminals. The attack began with a flood of phishing emails targeting the victim. Shortly after, the attacker initiated a Microsoft Teams call, posing as an employee […]
Although little is known, in truth, about a cybercriminal actor employing what has become known as the Cloak ransomware threat, the group has risen rapidly to gain status as a significant player in the ransomware landscape since first emerging in 2022. Threat researchers at Halcyon have now analyzed the Cloak ransomware threat and uncovered a new […]
Doughnut chain Krispy Kreme says it has been hit by a cyberattack which has disrupted its online systems. Some customers in the US have been unable to make online orders as a result of the hack, which occurred in late November but has only just been disclosed. Krispy Kreme revealed the attack in a regulatory […]
The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since early October 2024. “Users within the target environment will be email bombed by the threat actor, which is often achieved by signing up the user’s email to numerous mailing lists […]
Artivion, a medical device company that manufactures implantable tissues for cardiac and vascular transplant applications, says its services have been “disrupted” due to a cybersecurity incident. In an 8-K filing with the SEC on Monday, Georgia-based Artivion, formerly CryoLife, said it became aware of a “cybersecurity incident” that involved the “acquisition and encryption” of data on November […]