February 2022

Xenomorph Android Banking Trojan Now Spreading on Google Play Store

Leave a Comment / Malware /

A new Android trojan has been observed to be distributed via the official Google Play Store with the goal of targeting 56 European banks and carrying out harvesting sensitive information from compromised devices. The trojan has been nicknamed Xenomorph and its noticed to share overlaps with another banking trojan tracked under the moniker Alien while […]

Xenomorph Android Banking Trojan Now Spreading on Google Play Store Read More »

Taiwanese Financial Trading Sector Suffers Cyber Attack by Chinese Hackers

Leave a Comment / Cyber Attacks /

Hackers aligned with objectives of the Chinese government have been linked to an organized supply chain attack on Taiwan’s financial sector. These attacks first commenced at the end of November 2021, with the intrusions attributed to a threat actor tracked as APT10, also known as Stone Panda, the MenuPass group and Bronze Riverside, and known

Taiwanese Financial Trading Sector Suffers Cyber Attack by Chinese Hackers Read More »

Microsoft Takes Steps to Disable Macros in Office Apps by Default to Block Malware Attacks

Leave a Comment / Malware /

Microsoft announces plans to disable Visual Basic for Applications (VBA) macros by default across its products, including Word,Excel, PowerPoint, Access and Visio for documents downloaded from the web in an attempt to eliminate an entire class of attack vector. “Bad actors send macros in Office files to end users who unknowingly enable them, malicious payloads

Microsoft Takes Steps to Disable Macros in Office Apps by Default to Block Malware Attacks Read More »

New Techniques Adopted By SolarMarker To Maintain Presence On Hacked Systems

Leave a Comment / Malware /

As threat actors continuously change pattern, the operators of the SolarMarker information stealer and backdoor have been discovered to be leveraging stealthy tricks to establish long-term persistence on compromised systems. This was spotted by Sophos a cybersecurity firm, wherein they observed that the remote access implants are still being detected on targeted networks despite the

New Techniques Adopted By SolarMarker To Maintain Presence On Hacked Systems Read More »