News

A new form of Linux malware that is "almost impossible" to detect has been found in a joint research effort by BlackBerry Threat Research & Research team and Intezer security researcher Joakim Kennedy. It has been dubbed Symbiote. A blog post on the malware was released on Thursday. It has been called Symbiote because of its "parasitic nature." Symbiote is different to typical Linux malware because it acts as a shared object (SO) library that...

Allegedly, military-grade firearms coming from Western countries that were sent to support the Ukrainian army in their fight against Russia have been listed on multiple weapon marketplaces on the dark web. These weapons were supposedly put aside from the received supplies and are now being sold to terrorists looking to buy rocket launchers and other high-impact attack systems. There's a high chance that they have been created by pro-Russian actors for propaganda use, despite appearing...

Emotet malware has deployed a new module that is designed to steal credit card information stored in the Chrome web browser. Exclusively targeting Chrome, the module has the ability to exfiltrate the collected information to different remote command-and-control (C2) servers, according to Proofpoint. The enterprise security company discovered the component on the 6th June. Emotet activity has seen a spike following a 10-month-long absence after its infrastructure was attacked by law enforcement in January 2021....

A new ransomware is selling its decryptor on the gaming platform Roblox using the service's in-game currency, Robux. Roblox is an online kids gaming platform that lets members create and monetize their own games by selling Game Passes. These passes provide various rewards, including special access, enhanced features and in-game items. These passes can only be purchased by an in-game currency called Robux. Yesterday, security researchers, MalwareHunterTeam, found a new ransomware referred to as 'WannaFriendMe'....

International Cyber Expo has announced the members of this year’s event Advisory Council. Chaired by former CEO of the National Cyber Security Centre (NCSC), Professor Ciaran Martin, CB, the Advisory Council combines 30 of the cybersecurity’s most well-respected industry figures from government, private and academic sectors. The council is united by their shared passion and commitment to combating the issues of tomorrow's interconnected world. They will also shape the event’s agenda, drawing on their expertise...

The UK government has reportedly acquired its first quantum computer with the aim to help boost research capabilities in cyber-defence and other national security fields. The BBC have reported that The Ministry of Defence (MoD) is set to work with Orca Computing, a UK company, to explore the potential of quantum to enhance the nation's defence systems. The scheme was born out of research developed at the University of Oxford. Orca Computing's aim is to...

A large-scale phishing operation held on Facebook and Messenger to lure millions of users onto phishing pages has been uncovered by researchers. The aim of the operation was to trick victims into entering their credentials and see adverts. These stolen account details were used to send further phishing messages to victim's friends. The aim being to generate significant online advertising commission revenue. The New-York based AI-focused cybersecurity firm, PIXM, said that the campaign, despite being...

As the Follina flaw continues to be exploited in the wild, an unofficial security patch for a new Windows zero-day vulnerability in the Microsoft Diagnostic Tool (MSDT) has been made available. Referenced as DogWalk, the issue relates to a path traversal flaw that, when a potential target opens a specially created ".diagcab" archive file that contains a diagnostics configuration file, can be exploited to stash a malicious executable file to the Windows Start-up folder. The...

This week the UK's social care sector received a boost after NHS Digital released new materials designed to enhance staff cybersecurity awareness. The materials hope to raise awareness of critical threats and risks. The programme was developed in partnership with Digital Social Care, the materials are part of the NHS "Keep IT Confidential" campaign. The campaign covers key areas such as password management, phishing, secure data sharing, the risks of unlocked phone screens, and data...

In 2021 SMS phishing (also known as smishing) attacks more than doubled year-on-year, according to Proofpoint. Cyber-criminals looked to compromise devices by using human error. Proofpoint's latest annual Human Factor report is based on an analysis of over 49 billion URLs, 2.6 billion emails, 1.9 billion attachments, 28 million cloud accounts, 1.7 billion mobile messages and many other data points. The security vendor claimed that the increase in smishing could have occurred as a result of...