Cybersecurity & IT Threats

If you’re an IT pro or a serious PC hobbyist, computers are as logical as Mr. Spock. If you’re a human being without a technical background, the average Windows error message might as well be written in Klingon. For that latter audience, computer security often devolves into magical thinking. That’s unfortunate because the reality is […]

I’m not one to mince words or make you wait for the payoff, so I’ll get right to the point. If you’ve purchased a T95 (or similar knockoff) streaming box that runs Android, chances are that your unit was shipped with pre-installed malware. But this isn’t your ordinary piece of malware. Instead, we’re looking at

Human Security has exposed a significant monetization method employed by a sophisticated cyber-criminal operation. This operation involved the sale of backdoored off-brand mobile and CTV (Connected TV) Android devices through major retailers, which had originated from repackaging factories in China. The scheme, known as BADBOX, deploys the Triada malware as a “backdoor” on various devices

Google will introduce new sender guidelines in February to bolster email security against phishing and malware delivery by mandating bulk senders to authenticate their emails and adhere to stricter spam thresholds. “Last year, we started requiring that emails sent to a Gmail address must have some form of authentication,” said Neil Kumaran, Group Product Manager

Security researchers discovered a new campaign that distributes a new version of the Xenomorph malware to Android users in the United States, Canada, Spain, Italy, Portugal, and Belgium. Analysts at cybersecurity company ThreatFabric have been tracking Xenomorph activity since February 2022 and note that the new campaign launched in mid-August. The latest version of Xenomorph is targeting users

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) revealed today the top ten most common cybersecurity misconfigurations discovered by their red and blue teams in the networks of large organizations. Today’s advisory also details what tactics, techniques, and procedures (TTPs) threat actors use to successfully exploit these misconfigurations with various

Security researchers discovered a new malware-as-a-service (MaaS) named ‘BunnyLoader’ advertised on multiple hacker forums as a fileless loader that can steal and replace the contents of the system clipboard. The malware is under rapid development, with updates adding new features and bug fixes. It can currently download and execute payloads, log keys, steal sensitive data

Microsoft’s Bing Chat has come under scrutiny due to a significant security concern – the infiltration of malicious ads. Malwarebytes researchers have now demonstrated how unsuspecting users seeking software downloads can be tricked into visiting malicious websites and unwittingly downloading malware. Bing Chat, an artificial intelligence (AI) interactive text and image application powered by OpenAI’s