Before downloading any Zoom apps, make sure you are on a legitimate site. Threat actors have created fake malicious sites, that do not provide Zoom apps but instead download Vidar Stealer, information stealing malware. Fake sites fool Zoom users into downloading deadly code • The Register This malware will exfiltrate …
Another case of a false positive and why we must not let these incidents weaken our cybersecurity stance
The highly respected security software vendor Malwarebytes, slipped up this time, classifying Google and YouTube as malware for short time: Malwarebytes mistakenly blocks Google, YouTube for malware (bleepingcomputer.com) I recently wrote about false positives and their possible impact on the cyber security stance of an organisation – if you did …
If there is way for threat actors to abuse legitimate tools, of course they do it! No, it is not deja vu!
The headline equally applies to the abuse of LinkedIn Smart Links: LinkedIn Smart Links abused in evasive email phishing attacks (bleepingcomputer.com) This is a feature in the LinkedIn Sales Navigator and Enterprise versions and allows packages of documents to be sent out and the metrics for the documents can be …
If there is way for threat actors to abuse legitimate tools, of course they do it!
Google’s Tag Manager (GTM) is a system for managing HTML and Javascript analytic tags on website, especially ecommerce sites. A report by The Recorded Future has found that threat actors have been installing malicious e-skimmers scripts that can steal customer card data and other personally identifiable information exploiting GTM. Google …
From advertising to ransomware
Chromeloader started life as an annoyance that would redirect browsers to pages of adverts – Microsoft and VMware are now warning that variants of web have moved on to infecting both Windows and macOS machines with malware, including ransomware: ChromeLoader expands into ransomware on Windows and macOS • The Register …
