Android malware is a repeating news item here – and the way the Google Play Store operates is part of the problem but not the whole story. Another part of the reason is that unlike Apple and iOS, Google exerts far less control over the Android operating system and third …
Malware Stealing information from Apple’s Keychain
For a subscription of $1000 per month, Malware-as-a-Service is available to hackers via a Telegram channel that attacks Apple’s keychain password security on MacOS. The malware, called Atomic or AMOS, once deployed attempts to steal and exfiltrate a range information from MacOS machines, including passwords, cookies, crypto-wallets, browsers etc.. New …
Continue reading “Malware Stealing information from Apple’s Keychain”
NCSC report on commercial cyber attacks
The National Cyber Security Centre (NCSC) has issued a report looking at the increase in commercial cyber tools and services. The threat from commercial cyber proliferation – NCSC.GOV.UK It looks at how easy it is now for relatively low skilled threat actors to access sophisticated malware and deploy these attack …
Phishing emails – can you recognise them?
Phishing emails with a carefully scripted social engineering message, a malicious .pdf file with links to malware stored in Firebase Storage on Google. Brad Duncan on SANS InfoSec Handlers Diary Blog has the full story including screenshots of the phishing email and the steps to infection: Recent IcedID (Bokbot) activity …
Continue reading “Phishing emails – can you recognise them?”
WordPress vulnerability
You always need to keep up with the cyber security of your WordPress website and any plug-ins you use. Here is another that needs checking: Massive Balada Injector campaign attacking WordPress sites since 2017 (bleepingcomputer.com) Now the question you need to ask yourself is who looks after my website, assuming …
