CoinLurker: New Crypto-Stealing Malware Exploits Microsoft Edge WebView2 to Evade Detection
A sophisticated new malware strain called CoinLurker is targeting cryptocurrency users through deceptive update notifications, leveraging Microsoft Edge WebView2 technology to steal wallet data. The malware employs advanced evasion techniques, including EtherHiding and stolen certificates, while targeting multiple cryptocurrency platforms.
Serbian Police Accused of Using Cellebrite Tools to Deploy NoviSpy Surveillance Malware
Serbian authorities are under scrutiny for allegedly exploiting Cellebrite's digital forensics tools to secretly install NoviSpy spyware on citizens' devices during police interactions. The malware, linked to Serbia's intelligence agency, enables extensive surveillance of journalists and activists through screenshot capture, location tracking, and audio recording.
The Mask APT Group Returns: Advanced Cross-Platform Espionage Campaign Targets Latin America
A sophisticated cyber-espionage group called The Mask has resurfaced with enhanced multi-platform malware capabilities targeting organizations across Latin America. The threat actor's evolved arsenal includes new frameworks for Windows, macOS, and mobile systems, demonstrating their persistent threat in global cyber-espionage.
Massive Malvertising Campaign Exploits Ad Networks with Fake CAPTCHA Scam
Security researchers uncover 'DeceptionAds' operation serving over 1 million malicious ad impressions daily through 3,000+ compromised websites. The sophisticated campaign uses fake CAPTCHA pages to distribute information-stealing malware while exploiting legitimate advertising infrastructure.
Serbian Police Caught Using Cellebrite Tech to Plant Spyware on Journalists' Phones
Serbian law enforcement used Cellebrite's phone-unlocking technology to secretly install NoviSpy spyware on devices belonging to journalists and activists. The groundbreaking investigation by Amnesty International reveals the first documented case of Cellebrite's tools being misused to enable spyware infections.
Russia's €70M Disinformation Campaign Exposed in Bulgaria and Romania
A Bulgarian cybersecurity firm uncovers a massive Russian influence operation targeting Bulgaria and Romania, with expenditures of €70 million since 2010. The sophisticated campaign used targeted ads, malware, and bot networks to spread propaganda and collect user data.
Windows Privacy Alert: Microsoft Recall Feature Found Storing Sensitive Personal Data
Microsoft's new Windows Recall feature has been discovered capturing and storing screenshots containing sensitive information like credit card and Social Security numbers, despite built-in privacy filters. Security experts recommend immediate disabling of the feature while Microsoft claims improvements are in development.
Krispy Kreme's Digital Operations Hit by Cyberattack, Online Ordering Suspended
Popular doughnut chain Krispy Kreme is battling system disruptions after discovering unauthorized IT activity, impacting digital sales channels while physical stores remain open. The company faces potential financial impact from lost revenue and recovery costs, though daily deliveries continue unaffected.
ZLoader Malware Resurfaces with Advanced DNS Tunneling for Stealthy Attacks
A dangerous new variant of ZLoader malware has emerged with sophisticated DNS tunneling capabilities to mask its command-and-control communications. Version 2.9.4.0 introduces an interactive shell and custom protocols, marking a concerning evolution in malware sophistication.
Critical Windows NTLM Zero-Day Vulnerability Left Unpatched Until April 2024
A severe security flaw affecting all Windows versions allows attackers to capture NTLM credentials through malicious files in Windows Explorer. Microsoft plans to address this zero-day vulnerability in April 2024, leaving systems potentially exposed for months.