Security experts at ESET have spotted a new strain of banking trojan named BackSwap Trojan that implements new techniques to steal money from bank customers. The new techniques allow the malware to bypass anti-malware solutions and security features implemented by browsers to prevent Man-In-The-Browser attacks. Banking malware use to inject malicious code into the web page, either via the browser’s JavaScript console or directly into the address...
Read More
INTRO For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor’s widespread use of a sophisticated modular malware system we call “VPNFilter.” We have not completed our research, but recent events have convinced us that the correct way forward is to now share our findings so that affected parties...
Read More
Widespread routers’ DNS hijacking malware that recently found targeting Android devices has now been upgraded its capabilities to target iOS devices as well as desktop users. Dubbed Roaming Mantis, the malware was initially found hijacking Internet routers last month to distribute Android banking malware designed to steal users’ login credentials and the secret code for two-factor authentication. According to security researchers at Kaspersky Labs, the criminal group behind the...
Read More
Experts from Chinese jailbreakers Pangu Lab, have recently discovered the ZipperDown flaw that could affect roughly 10% of iOS Apps. ZipperDown, is a recently discovered vulnerability that could affect thousands of iOS apps and maybe also Android users. The ZipperDown flaw was first reported by experts from Chinese jailbreakers Pangu Lab, that described it as described as a programming error. The experts estimate 15,978 out of 168,951 iOS apps are affected, roughly 10% of...
Read More
A Google security researcher has discovered a critical remote command injection vulnerability in the DHCP client implementation of Red Hat Linux and its derivatives like Fedora operating system. The vulnerability, tracked as CVE-2018-1111, could allow attackers to execute arbitrary commands with root privileges on targeted systems. Whenever your system joins a network, it’s the DHCP client application which allows your system to automatically receive network configuration...
Read More
