No recent events yet!
A new version of the Vultur banking trojan posing as a security app, authenticator or productivity apps to steal sensitive data and gain total control over compromised android devices has been discovered. The malware has been embedded in over 800 apps on the Google Play Store and many android devices have been compromised. This latest version of the malware includes more advanced remote-control capabilities and an improved evasion mechanism, enabling its operators to remotely interact with a mobile device and harvest sensitive data. This type of attack relies on "smishing" (SMS phishing) and phone calls to trick their targets into installing a version of the malware. Additionally, it can also be distributed via trojanized dropper apps known as Brunhilda.
Several critical zero-day and high severity vulnerabilities have been reported in Mozilla products including the Google Chrome browser. Attackers could leverage these vulnerabilities to run arbitrary code, circumvent security measures, or cause crashes on vulnerable systems. Nonetheless, Mozilla and Google have issued security updates to address the discovered vulnerabilities. As a result, users are advised to upgrade their products to the latest versions as recommended.
There is a concerning development involving a new StrelaStealer malware campaign that has affected numerous organizations with most recent cases occurring in the United States and Europe, highlighting the necessity for Nigerian organizations to remain vigilant, as reports indicate widespread propagation. This campaign is specifically designed to target email account credentials. The sectors most heavily targeted by this campaign include finance, legal services, manufacturing, government agencies, utilities, and energy, among others. The potential consequences of these attacks are severe, ranging from data theft to financial losses and other forms of fraudulent activity. Therefore, it emphasizes the critical need for proactive measures to be taken to prevent such attacks from compromising our critical information infrastructures.
A new variant of Infostealer Malware with upgraded modular capabilities, known as BunnyLoader 3.0 (Player_Bunny), has been discovered in the wild, posing a serious threat due to its enhanced capabilities for stealing information, credentials, digital currency, and delivering additional malware payloads. The third version of the information-stealing malware-as-a-service threat has more data theft modules, stronger keylogging features, smaller payloads, and improved stealth. Aside from its unique denial-of-service capabilities, BunnyLoader 3.0 has separate binaries for modules involved in DoS, keylogging, clipping, and data exfiltration. This emphasizes the need of putting safeguards in place to prevent this threat.
Security researchers have revealed a new tactics deployed by cyber criminals to hack Windows systems. The elaborate attack campaign nicknamed DEEP#GOSU, is likely associated with the group tracked as Kimsuky. This campaign is an eight-stage attack chain that employs the use of PowerShell and VBScript malware to infect Windows systems and harvest sensitive information, with implications for data and financial losses. Users of Windows system are therefore advised to take proactive steps provided herein to mitigate the threats.
