10 matches found
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
Unknown threat actors compromised CPUID "cpuid.com", a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT. The incident...
Vulnerabilities fixed in Apple macOS
Apple has fixed vulnerabilities in macOS. A malicious party could exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution Administrator/Root rights Remote...
Hackers Using Google Ads to Spread FatalRAT Malware Disguised as Popular Apps
Chinese-speaking individuals in Southeast and East Asia are the targets of a new rogue Google Ads campaign that delivers remote access trojans such as FatalRAT to compromised machines. The attacks involve purchasing ad slots to appear in Google search results and direct users looking for popular...
Vulnerabilities fixed in Apple Safari
Apple has fixed vulnerabilities in Safari. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Bypassing security measure. Remote code execution User rights Access to sensitive data Access to system data Apple states that it is aware of...
Vulnerabilities fixed in Apple iOS and iPadOS
Apple has fixed vulnerabilities in iOS and iPadOS. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of authentication. Remote code execution Administrator/Root rights...
Researchers Detail New Malware Campaign Targeting Indian Government Employees
The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach. "This group abuses Google advertisements for the purpose of malvertising to distribute backdoored versions ...
Vulnerabilities fixed in Google Chrome
Several vulnerabilities have been fixed in Google Chrome. A malicious party could potentially exploit the vulnerabilities to execute arbitrary code within the context of the browser, or to gain access to sensitive data within the context of the browser. To do this, the malicious party must entice...
ChromeLoader targets Chrome Browser users with malicious ISO files
If you’re on the hunt for cracked software or games, be warned. Rogue ISO archive files are looking to infect your systems with ChromeLoader. If you think campaigns such as this only target Windows users, you’d sadly be very much mistaken. The attack sucks in several operating systems and even us...
120 Compromised Ad Servers Target Millions of Internet Users
An ongoing malvertising campaign tracked as "Tag Barnakle" has been behind the breach of more than 120 ad servers over the past year to sneakily inject code in an attempt to serve malicious advertisements that redirect users to rogue websites, thus exposing victims to scamware or malware. Unlike...
Mac OS X Security Update 2006-008
The remote host is running a version of Mac OS X 10.4 that does not have Security Update 2006-008 applied. This update fixes a flaw in QuickTime that may allow a rogue website to obtain the images rendered on the user screen. By combining this flaw with Quartz Composer, an attacker may be able to...