Category: Shorts

Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks Zyx Zyxel, a networking equipment maker, has released patches for several critical security flaws in its firewall devices, which could lead to remote code execution and cause a denial-of-service (DoS) condition. The most severe of these flaws is tracked as CVE-2022-43389 and is rated 9.8 on…

Why Your Detection-First Security Strategy Isn’t Working Cybersecurity is an ever-growing challenge, with attacks increasing despite the estimated $172 billion spent on global cybersecurity in 2022. Relying on malware signatures and blocklists is futile, as attacks keep growing and organizations are understaffed to detect them. Endpoint detection and response (EDR) adoption has grown rapidly, but…

Atomic macOS Malware Steals Keychain Passwords and Crypto Wallet Contents Threat actors are offering a new malicious software called Atomic macOS Stealer (AMOS) for sale on Telegram for $1,000 per month. AMOS is capable of stealing various types of information from a victim’s device, including passwords, system information, desktop files, and more. It is often…

ViperSoftX InfoStealer Uses Sophisticated Techniques to Avoid Detection ViperSoftX is a sophisticated information-stealing malware first documented in 2020 and has been deployed across numerous countries. It is typically delivered via a software crack or a key generator and can install rogue browser extensions to steal passwords and crypto wallet data. It has anti-virtual machine, anti-monitoring,…

Apple must reveal how many users it has in the European Union App Store, following new Apple has revealed the number of active monthly users for its App Store in Europe in order to comply with the EU’s Digital Services Act. The iOS App Store has 101 million users, iPadOS has 23 million, macOS has…

Attention online shoppers: beware of Magecart! Magecart is a cybercrime group that uses online skimming techniques to steal personal data from websites, most commonly customer details and payment information. The latest iteration, observed by Malwarebytes on a Parisian travel accessory store, involves the injection of a skimmer called Kritec to intercept the checkout process and…

Tonto Team Uses Malware File to Launch Attacks on South Korean Institutions The Tonto Team, a threat actor with ties to China, is targeting South Korean institutions such as education, construction, diplomatic, and political institutions with new attacks. This attack sequence begins with a Microsoft Compiled HTML Help (.CHM) file that is used to side-load…

Meta is going to let you update Quest apps before it shuts down Meta’s v53 update for Quest devices adds a useful new feature that lets users download updates while the headset is shut down, allowing them to save time. It also includes improvements such as Advanced Camera Settings, a parental supervision tool for the…

Activision’s Microsoft deal is on life support because cloud gaming still has potential The UK’s Competition and Markets Authority has blocked Microsoft’s $68.7 billion purchase of Activision Blizzard, citing that it could alter the future of the fast-growing cloud gaming market, leading to reduced innovation and less choice for UK gamers over the years to…

Google Gets Court Order to Take Down CryptBot, Which Infected Over 670,000 Google obtained a court order to disrupt the distribution of CryptBot, an information-stealing malware that has infected over 670,000 computers. The malware is typically delivered via maliciously modified versions of legitimate software. The major distributors of CryptBot are suspected to be operating a…