A recently detected Android malware named ‘Goldoson’ has made its way into Google Play and has been found in 60 legitimate applications, which have been downloaded a total of 100 million times. Users are advised to always perform due diligence, especially for new apps without good reviews.
The malware is currently still in development and is receiving continuous improvement updates designed to make it a more potent and effective tool for attackers and a threat to defenders.
The component that makes Aurora’s delivery stealthy and dangerous is a highly evasive loader we named “in2al5d p3in4er.” It is compiled with Embarcadero RAD Studio and targets endpoint workstations using an advanced anti-VM technique.
A security researcher has released yet another sandbox escape proof-of-concept (PoC) exploit that makes it possible to execute unsafe code on a host running the VM2 sandbox.
Across all BEC attacks seen over the past year, 57% of them relied on language as the main attack vector to get them in front of unsuspecting employees, according to Armorblox.
While the nation-state group has previously employed ScreenConnect, RemoteUtilities, and Syncro, a new analysis from Group-IB has revealed the adversary’s use of the SimpleHelp remote support software in June 2022.
The North Carolina–based company, which designs and manufactures network infrastructure products for a range of customers, including hospitals, schools, and U.S. federal agencies, was listed on the data leak site of the Vice Society ransomware gang.
Researchers revealed that the Vice Society ransomware group is utilizing a specialized tool based on PowerShell to escape detection and automate the data extraction process. With the adoption of increasingly sophisticated tools, Vice Society has become a formidable threat to organizations globally.
Hundred Finance confirmed the exploit on April 15, noting that it had contacted the hacker for negotiations. The platform is also working with security teams to resolve the issue and has urged anyone with information on the incident to reach out.
The flow of venture capital funding to cybersecurity firms hit a steep decline in the first quarter of 2023 compared with year-ago figures, lending more credence to the notion the industry may be oversaturated with vendors and overlapping tools.