SolarWinds advanced cyberattack: What happened and what to do now
Possibly the largest hacking operation of 2020 was just unveiled. In this blog we share what we know and what you should do right now.
Going dark: encryption and law enforcement
There’s been a lot of talk recently about encryption and how law enforcement can’t convict criminals without encryption keys. We beg to differ.
New version of IcedID Trojan uses steganographic payloads
We take a deep dive into the IcedID Trojan, describing the new payloads of this advanced malware.
Backdoors are a security vulnerability
Upset by their inability to access potentially vital evidence for criminal investigations, the federal government has, for years, pushed to convince tech companies to build backdoors that will, allegedly, only be used by law enforcement agencies. The problem, cybersecurity researchers say, is that those backdoors can easily be exploited by criminals.
A week in security (July 15 – 21)
A roundup of cybersecurity news from July 15–21, including the Zoom camera vulnerability, Extenbro, Sodinokibi, Magecart, and cybersecurity challenges facing the education sector.
Mac malware combines EmPyre backdoor and XMRig miner
New Mac malware is using the EmPyre backdoor and the XMRig cryptominer to drain processor power—and possibly worse.
Mac cryptocurrency ticker app installs backdoors
A Mac application named CoinTicker has been found installing two different backdoors, capable of keylogging, data theft, execution of arbitrary commands, and more.
An in-depth malware analysis of QuantLoader
QuantLoader is a Trojan downloader that has been used in campaigns serving a range of malware, including ransomware, banking Trojans, and RATs. In this post, we’ll take a high-level look at the campaign flow, as well as a deep dive into how the malware executes.
HandBrake hacked to drop new variant of Proton malware
The website of the popular HandBrake DVD-ripping app has been hacked, and for 4 days, a maliciously modified copy of the app was installing a new variant of the mysterious Proton malware.
Mobile Menace Monday: Adups, old and new
Recently, Kryptowire discovered a malicious app on China-made mobile devices running the Android OS. It is a baked-in system app used to update the device’s firmware, but it was also found to steal personal information, among other things.