Zombinder is a third-party service on darknet used to embed malicious payloads in legitimate Android applications. While investigating a new malware campaign targeting Android and Windows systems, researchers at Threat Fabric discovered a darknet service, dubbed Zombinder, used to embed malicious payloads in legitimate Android apps. The campaign involv

Lighting and building management giant Acuity Brands has publicly disclosed two data breaches suffered by the company in recent years, including one that may have involved ransomware.The Atlanta, Georgia-based firm employs roughly 13,000 people and has operations in North America, Europe and Asia.In a data security incident notice published in recent days, A

Digital risk protection company CloudSEK claims that another cybersecurity firm is behind a recent data breach resulting from the compromise of an employee’s Jira account.As part of the targeted cyberattack, an unknown party used session cookies for the employee’s Jira account to gain access to various types of internal data.Because the user never used a pas

Just to clarify, the subheading isn’t a normal quote, but a message that Janicab malware attempted to decode in its newest use of YouTube dead-drop resolvers (DDRs). While hunting for less common Deathstalker intrusions that use the Janicab malware family, we identified a new Janicab variant used in targeting legal entities in the Middle East throughou

The leading hospital in India’s capital limped back to normalcy on Wednesday after a cyberattack crippled its operations for nearly two weeks.Online registration of patients resumed Tuesday after the hospital was able to access its server and recover lost data. The hospital worked with federal authorities to restore the system and strengthen its defenses.It’

A newly observed botnet capable of self-replicating and self-propagation is targeting multiple Internet of Things (IoT) vulnerabilities for initial access, cybersecurity solutions provider Fortinet warns.Dubbed Zerobot, the malware is written in the Golang (Go) programming language and has several modules for self-replication, self-propagation, and for condu

Four Nigerians arrested recently in Europe have been charged in the United States over their alleged role in a scheme that involved computer hacking and filing false tax returns.According to the US Justice Department, the suspects are Akinola Taylor, Olakunle Oyebanjo, Kazeem Olanrewaju Runsewe, and Olayemi Adafin, who is a UK citizen. They were arrested in

The New Zealand government this week confirmed being impacted by a ransomware attack on managed service provider (MSP) Mercury IT, which has disrupted businesses and public authorities in the country.A small business with only 25 employees, Mercury IT provides cybersecurity, IT, telecoms, and support services for multiple organizations in the country.On Dece

Researchers discovered a new Go-based botnet called Zerobot that exploits two dozen security vulnerabilities IoT devices. Fortinet FortiGuard Labs researchers have discovered a new Go-based botnet called Zerobot that spreads by exploiting two dozen security vulnerabilities in the internet of things (IoT) devices and other applications. “This botn

The Pwn2Own Toronto 2022 hacking competition has begun, this is the 10th anniversary of the consumer-focused version of the contest. The news of the Samsung Galaxy S22 hack on the first day of Pwn2Own Toronto 2022 made the headlines. White hat hackers that participated in the competition hacked the Samsung Galaxy S22 smartphone twice during the first day

Cybercriminals are using a new residential proxy market to illegally access, sell, and trade the IP addresses of millions of proxys. A new entity which claims such a large pool of available proxies is a considerable development, considering law enforcement has shut down several large proxy providers in the past couple of years, such as RESNET and INSORG.Anal

A threat actor tracked as ‘Scattered Spider’ is targeting telecommunications and business process outsourcing (BPO) companies in an effort to gain access to mobile carrier networks and perform SIM swapping, cybersecurity firm CrowdStrike warns.A financially-motivated threat actor, Scattered Spider has been observed increasingly targeting the telecoms industr

Cloud company Rackspace has confirmed being targeted in a ransomware attack after it was forced to shut down its Hosted Exchange environment.Rackspace’s hosted Microsoft Exchange service started experiencing problems on Friday, December 2. The company shut down the impacted environment and confirmed on Saturday that it was a security incident.On Tuesday morn

The Canadian branch of Amnesty International said Monday it was the target of a cyberattack sponsored by China.The human rights organization said it first detected the breach Oct. 5 and hired forensic investigators and cybersecurity experts to investigate.Ketty Nivyabandi, Secretary General of Amnesty International Canada, said the searches in their systems

Researchers spotted a version of the open-source ransomware toolkit Cryptonite that doesn’t support decryption capabilities. Fortinet researchers discovered a sample of malware generated with the publicly available open-source ransomware toolkit Cryptonite that never offers the decryption window, turning it as a wiper. The experts also reported an