Two different Android banking Trojans, FluBot and Medusa, are relying on the same delivery vehicle as part of a simultaneous attack campaign, according to new research published by ThreatFabric. The ongoing side-by-side infections, facilitated through the same smishing (SMS phishing) infrastructure, involved the overlapping usage of "app names, package names, and similar icons," the Dutch mobile

The wide-ranging adoption of cloud facilities and the subsequent mushrooming of organizations' networks, combined with the recent migration to remote work, had the direct consequence of a massive expansion of organizations' attack surface and led to a growing number of blind spots in connected architectures. The unforeseen results of this expanded and attack surface with fragmented monitoring

Microsoft on Monday said it's taking steps to disable Visual Basic for Applications (VBA) macros by default across its products, including Word, Excel, PowerPoint, Access, and Visio, for documents downloaded from the web in an attempt to eliminate an entire class of attack vector. "Bad actors send macros in Office files to end users who unknowingly enable them, malicious payloads are delivered,

Microsoft last week announced that it's temporarily disabling the MSIX ms-appinstaller protocol handler in Windows following evidence that a security vulnerability in the installer component was exploited by threat actors to deliver malware such as Emotet, TrickBot, and Bazaloader. MSIX, based on a combination of .msi, .appx, App-V and ClickOnce installation technologies, is a universal Windows

Gold Awards Recognize Ericom’s Strengths in SASE, Zero Trust Security, Remote Browser Isolation, and other Key Security Categories

(PRWeb February 08, 2022)

Read the full story at https://www.prweb.com/releases/ericom_ztedge_cloud_security_platform_wins_multiple_2022_cybersecurity_excellence_awards/prweb18484080.htm

Company increased customers, expanded protected mailboxes and earned numerous award recognitions in 2021

(PRWeb February 08, 2022)

Read the full story at https://www.prweb.com/releases/ironscales_adds_more_than_3_000_customers_remediates_27_million_emails/prweb18477166.htm

Actinium/Gameredon's attacks are another reminder of why organizations need to pay additional scrutiny to systems in the region.

A high-severity security vulnerability in Argo CD could allow an attacker to access sensitive information from target applications.

read more

Now that attackers can bypass preventative controls, we need to find and stop the attackers when they're already inside.

Malware hunters at Microsoft are calling attention to a nasty macOS malware family that has evolved quickly from a basic information-gathering trojan to a stealthy backdoor with more powerful capabilities.

read more

It's a big deal when a vendor decides to block one of its own "features" for security reasons. Here's why we think it's a good idea.

A politically motivated advanced persistent threat (APT) group has expanded its malware arsenal to include a new remote access trojan (RAT) in its espionage attacks aimed at Indian military and diplomatic entities. Called CapraRAT by Trend Micro, the implant is an Android RAT that exhibits a high "degree of crossover" with another Windows malware known as CrimsonRAT that's associated with Earth