ERMAC: 378 Banking Apps Financial Data Stolen by New Android Malware

BlackRock mobile malware operators have resurfaced with a new Android banking trojan called ERMAC, which targets Poland and has roots in the well-known Cerberus malware, according to the latest research. “The new trojan has active distribution campaigns targeting 378 banking and wallet apps with overlays,” Cengiz Han Sahin, ThreatFabric’s CEO, said in an emailed statement. […]

Windows Systems are getting Infected with UEFI Bootkit by New FinSpy Malware Variant

FinFisher surveillanceware has been upgraded to infect Windows devices using a UEFI (Unified Extensible Firmware Interface) bootkit that makes use of a trojanized Windows Boot Manager, marking a shift in infection vectors that allows it to elude discovery and analysis. Detected since 2011, FinFisher, also known as Wingbird or FinSpy, is a spyware toolset for

Chrome Releases Update Patching Actively Exploited Zero-Day Vulnerability

Google rolled out an emergency security patch to its Chrome web browser on the 24th of September, 2021, aimed at addressing a security flaw that’s known to have an exploit in the wild. The vulnerability is tracked as CVE-2021-37973 and described as a use-after-free in the Portals API, a web page navigation system that enables

100,000 Windows Domain Credentials Leaked due to Microsoft Exchange Bug

100,000 login names and passwords for Windows domains worldwide have been leaked as a result of an unpatched design flaw in the implementation of Microsoft Exchange’s Autodiscover protocol. “This is a severe security issue, since if an attacker can control such domains or has the ability to ‘sniff’ traffic in the same network, they can
