This article sheds light on the current ecosystem of the Sathurbot backdoor trojan, in particular exposing its use of torrents as a delivery medium and its distributed brute-forcing of weak WordPress administrator accounts.
With April the Giraffe about to give birth in the Animal Adventure Park in Harpursville, New York, it is time to warn readers of how a giraffe can damage their device in ways that a cat or dog would only dream of: Licking it – A giraffe’s tongue is about 50 cm long and black. Equipped to […]
No More Ransom, so is the Ransomware Threat.
Launched less than a year ago, the No More Ransom (NMR) project has increased its capacity with new partners and new decryption tools added to its now global campaign to combat Ransomware.
Started as a joint initiative by Europol, the Dutch National Police, Intel Security and Kaspersky Lab, No More Ransom is an anti-ransomware cross-industry
Researchers say a variant of the notorious surveillance software called Pegasus has been targeting Android users allowing third parties to take screenshots, capture audio, read email and exfiltrate data from targeted phones.
An Android version of one of the most sophisticated mobile spyware has been discovered that remained undetected for at least three years due to its smart self-destruction capabilities.
Dubbed Chrysaor, the Android spyware has been used in targeted attacks against activists and journalists mostly in Israel, but also in Georgia, Turkey, Mexico, the UAE and other countries.
Cisco Talos researchers spot a stealthy new remote administration tool calling ROKRAT that targets Korean-language Microsoft Word alternative Hangul Word Processor.
ESET researchers have discovered a malicious app at Google Play tricking its victims into paying €18 ($19) for Adobe Flash Player.
The post Don’t pay for what is for free: Malicious Adobe Flash Player app found on Google Play appeared first on WeLiveSecurity
Mike Mimoso and Chris Brook recap the first day of this year’s Security Analyst Summit, including Mark Dowd’s memory corruption bug keynote, the digital archeology around Moonlight Maze, ATM hacking, and the Lazarus APT.
Malware that passes itself off as a WordPress SEO plugin has been infecting sites and opening a backdoor for hackers on thousands of sites.
This year’s Security Analyst Summit is previewed and the news of the week is discussed, including a Microsoft IIS zero day, a new Mirai variant, and the broadband privacy ruling.