Tag Archives: malware

Feds allege destructive Russian hackers targeted US oil refineries

[Image: Critical infrastructure sites such as this oil refinery in Port Arthur, Texas, rely on safety systems.]

For years, the hackers behind the malware known as Triton or Trisis have stood out as a uniquely dangerous threat to critical infrastructure: a group of digital…

Scammers have 2 clever new ways to install malicious apps on iOS devices

Scammers pushing iOS malware are stepping up their game by abusing two legitimate Apple features to bypass App Store vetting requirements and trick people into installing malicious apps. Apple has long required that apps pass a security review and be admitted to the App Store…

Researchers find threat group that has been active for 5 years

[Image: Warning: Data transfer in progress. Credit: Yuri_Arcurs/Getty Images]

Researchers on Tuesday revealed a new threat actor that over the past five years has blasted thousands of organizations with an almost endless stream of malicious messages designed to infect systems with data-stealing malware. TA2541, as…

Mac malware spreading for ~14 months installs backdoor on infected systems

Mac malware known as UpdateAgent has been spreading for more than a year, and it is growing increasingly malevolent as its developers add new bells and whistles. The additions include the pushing of an aggressive second-stage adware payload that installs a persistent…

Android malware can factory reset phones after draining bank accounts

A banking-fraud trojan that has been targeting Android users for three years has been updated to create even more grief: besides draining bank accounts, the trojan can now activate a kill switch that performs a factory reset and wipes infected devices clean. Brata…

Booby-trapped sites delivered potent new backdoor trojan to macOS users

Researchers have uncovered advanced, never-before-seen macOS malware that was installed using exploits that were almost impossible for most users to detect or stop once the users landed on a malicious website. The malware was a full-featured backdoor that was written from scratch, an indication that…

Supply chain attack used legitimate WordPress add-ons to backdoor sites

Dozens of legitimate WordPress add-ons downloaded from their original sources have been found backdoored through a supply chain attack, researchers said. The backdoor has been found on “quite a few” sites running the open source content management system. The backdoor gave the attackers…

Backdoor for Windows, macOS, and Linux went undetected until now

Researchers have uncovered a never-before-seen backdoor written from scratch for systems running Windows, macOS, or Linux that remained undetected by virtually all malware scanning engines. Researchers from security firm Intezer said they discovered SysJoker—the name they gave the backdoor—on the Linux-based Webserver of a “leading…

Google Play app with 500,000 downloads sent user contacts to Russian server

An Android app with more than 500,000 downloads from Google Play has been caught hosting malware that surreptitiously sends users’ contacts to an attacker-controlled server and signs up users to pricey subscriptions, a security firm reported. The app, named Color Message, was…

US federal agency fails to respond to reports it has been backdoored

A US federal agency has been hosting a backdoor that can provide total visibility into and complete control over the agency network, and the researchers who discovered it have been unable to engage with the administrators responsible, security firm Avast said on…