News

A banking malware called ZLoader, last seen in early 2018, has been spotted in more than 100 email campaigns since the beginning of the year. The trojan is under active development with 25 versions seen in the wild since its comeback in December 2019, the latest one observed this month. The malicious email campaigns target users in the U.S., Canada, Germany, Poland, and Australia with lures related to the COVID-19 topics (tips to avoid scams,...

A brand-new Insider Threat Report authored by Shareth Ben, director of insider threat and cyber threat analytics at Securonix has found that employees deemed “flight risks” are linked to around 60% of the insider threat incidents detected. Ben explained in the report that flight risks are those employees about to terminate employment with the company for various reasons and can be determined by Securonix’s advanced user behaviour analytics. The Securonix Threat Research Team analysed hundreds...

Meal kit delivery service Home Chef announced a data breach Wednesday, two weeks after reports that its customer information was for sale on the dark web. Home Chef, which was acquired by Kroger Co. in 2018, said it was notifying customers of the breach but didn’t say how many customers were affected. In a statement, Home Chef said that customer email addresses, names and phone numbers, in addition to the last four digits of credit...

A security researcher has published details of how a series of web security flaws in QNAP network attached storage (NAS) devices leave many systems open to pwnage. Multiple vulnerabilities in QNAP Photo Station and CGI programs can be chained together to achieve a pre-authentication remote code execution attack, Henry Huang from CyCarrier CSIRT discovered. Huang discovered and reported four vulnerabilities to QNAP NAS devices last June (CVE-2019–7192, CVE-2019–7193, CVE-2019–7194, and CVE-2019–7195). The clutch of bugs...

 A hacker has put up for sale today the details of 40 million users registered on Wishbone, a popular mobile app that lets users compare two items in a simple voting poll. The data is being advertised across multiple hacking forums and being sold for 0.85 bitcoin (~$8000), according to ads seen by ZDNet. According to the seller's claims and a sample of the data published online, the Wishbone data includes user information such as...

Toll Group has provided an update on the ransomware attack it suffered following a January infection. The Australian transport giant said, after revealing the extent of data theft it suffered earlier this month, that the stolen information has found its way onto the "dark web". "Following our announcement last week that a ransomware attacker had stolen data contained on at least one Toll corporate server, our ongoing investigation has established that the attacker has now...

The business email compromise (BEC) gang Scattered Canary has filed more than 200 fraudulent claims for unemployment benefits and for COVID-19 relief funds. An infamous business email compromise (BEC) gang has submitted hundreds of fraudulent claims with state-level U.S. unemployment websites and coronavirus relief funds. Researchers who tracked the fraudulent activity said cybercriminals may have made millions so far from the fraudulent activity. Behind the attacks is Scattered Canary, a highly-organized Nigerian cybergang that employs...

By now I’m sure that you have heard about the easyJet data breach. More than 9 million customers suffered breached personally identifiable information (PII), and some 2,000 customers had their card details “viewed”. Hugo van den Toorn, manager of offensive security at Outpost 24 warned that "often after such a breach, information will be sold on to underground marketplaces, this kind of data is then often used in various attacks: Credit card details for making...

 A new Trojan has been caught targeting Thai users of Whatsapp, Facebook Messenger, and Line messaging apps on the Android mobile platform. On Tuesday, Cisco Talos researchers said the malware, dubbed WolfRAT, is a new variant of DenDroid, a mobile Remote Access Trojan (RAT) that had its source code leaked in 2015. At the time, DenDroid was considered a sophisticated malware package that was on offer in underground forums with a price tag of $300....

 A critical remote code execution flaw in Adobe Character Animator was fixed in an out-of-band Tuesday patch. Adobe has issued an out-of-band patch for a critical flaw in Adobe Character Animator, its application for creating live motion-capture animation videos. The flaw can be exploited by a remote attacker to execute code on affected systems. The flaw (CVE-2020-9586) is found in versions 3.2 and earlier and exists within the parsing of the BoundingBox element in PostScript....