Lazarus APT Targets macOS Users With Sophisticated New Malware

Mac users beware: researchers have discovered a new stealthy trojan that poses as a cryptocurrency trading platform.   Security researcher, Dinesh Devadoss, discovered the trojan, which disguises itself as a crypto-trading platform called Union Crypto trader. Even worse, the malware can evade most anti-virus software.   In a tweet, Devadoss posted a hash for the trojan. …

Department of Homeland Security Warns Financial Services Entities About Ongoing Dridex Attacks

Today, the Department of Homeland Security issued a warning to financial services institutions about ongoing Dridex malware attacks targeting private-sector financial firms through phishing e-mail spam campaigns, Bleeping Computer reports.   In the alert,  the Cybersecurity and Infrastructure Security Agency (CISA) says: “Because actors using Dridex malware and its derivatives continue to target the financial services sector, including financial …

Infamous Sandworm Hackers Upload Fake Android Apps to Play Store

According to Google’s Threat Analysis Group, the infamous Russian-linked Sandworm hacking group — Sandworm — has been caught repeatedly uploading fake apps to the Google Play Store.   Even worse, this same group was behind the NotPetya malware attacks on the 2018 Winter Olympics.   In a blog post, Google said the attacks began in 2017 when …

Ryuk Ransomware Claims Another Victim

T-System, a Dallas-based company that provides end-to-end solutions to hospitals, has been hit by a Ryuk ransomware attack, Bleeping Computer reports.   According to German Fernandez, the security researcher who discovered the attack, he was doing open-source intelligence (OSINT) for Ryuk indicators when he noticed that many of the platforms managed by T-Systems were down. …

Mixcloud Data Breach: Over 20 Million User Data Put Up For Sale On The Dark Web

UK-based audio streaming company, Mixcloud, suffered a data breach earlier this month that exposed 20 million user accounts.   Even worse, according to various news outlets, that information was put on sale on the dark web.   The seller who goes by the handle “A_W_S” reached out to TechCrunch, allowing the company to examine and …

Cyber Criminals Are Using Fake Sites to Lure Holiday Shoppers

According to researchers at Check Point, there has been a spike in phishing scams promoting e-commerce related phishing sites — compared to last year, there has been a 233% increase.   “12 months ago, in November 2018, we witnessed a significant increase in the amount of e-commerce related phishing websites being accessed directly, or from …

T-Mobile Says Some Prepaid Customers Had Their Account Information Breached

On Thursday, T-Mobile said it suffered a data breach that affected a “small amount” of prepaid customers.   In a statement, the company said: “Our cybersecurity team discovered and shut down malicious, unauthorized access to some information related to your T-Mobile prepaid wireless account. We promptly reported this to authorities.”   The exposed information includes: Names …

5 Tips for Safe Online Shopping

As Black Friday continues to grow in popularity, more and more people are skipping the long lines and large crowds for a more intimate experience — online shopping.   While online shopping has its perks, it also opens up buyers to attacks from scammers and hackers.   In 2018, the FBI’s Internet Crime Complaint Center (IC3) …