The new trojan has been found to compromise Facebook accounts of over 10,000 users since March 2021 via fraudulent apps distributed through Google Play Store and other app marketplaces.
The malicious app abused sideloading flaws to load and start the Cinobi banking trojan. This is a new campaign from Water Kappa that is aimed at users of web browsers other than Internet Explorer.
Pulse Secure has fixed a critical post-authentication RCE flaw in its Connect Secure VPN appliances to address an incomplete patch for an actively exploited flaw previously resolved in October 2020.
Researchers Aditya Sood and Rohit Bansal created an open-source tool that detects internet-facing MongoDB instances and whether they’ve been infected with ransomware or Meow malware has been launched.
Numerous vulnerabilities uncovered in tractor manufacturer John Deere’s systems underscore the cyber risks that come in tandem with the productivity gains from high-tech farming.
Telegram channels have become quite the hot seat for threat actors. Lately, a new Remote Access Trojan (RAT) has entered the landscape, propagating via Telegram channels.
Security experts discovered a set of nine vulnerabilities, aka PwnedPiper, in the TransLogic Pneumatic Tube Systems from Swisslog Healthcare. The flaws impact around 80% of U.S. hospitals, with a possibility of complete system takeover. The vendor urged institutions to patch flaws and also provided mitigation steps for hospitals to stay protected.
In a draft update to its flagship cyber resiliency publication, experts from the National Institute of Standards and Technology offer a next-gen strategy for protecting critical information technology systems from their inside out.
A new variant of the Golang crypto-worm was recently spotted dropping Monero-mining malware on victim machines; in a switch-up of tactics, the payload binaries are capable of speeding up the mining process by 15 percent, researchers said.
Taiwanese motherboard maker has been hit by the RansomEXX ransomware gang, who threaten to publish 112GB of stolen data unless a ransom is paid. The incident also affected multiple websites of the company, including its support site.