Philip Choo

Xenomorph malware has reemerged in a new distribution campaign, expanding its scope to target over 30 US banks along with various financial institutions worldwide.  Cybersecurity analysts from ThreatFabric recently uncovered this resurgence, which relies on deceptive phishing webpages posing as a Chrome update to trick victims into downloading malicious APKs. Xenomorph first came to the
Dear Naked Security readers, Firstly, thank you for your interest, your time, and your contributions to the Naked Security community. Your invaluable engagement and expertise have helped improve cybersecurity for everyone. We have recently added the extensive catalog of Naked Security articles to the Sophos News blog platform, enabling us to provide all Sophos security
Unit 42 researchers have unveiled a web of complex cyber-espionage attacks targeting a government in Southeast Asia. While initially thought to be the work of a single threat actor, the researchers discovered that the attacks were orchestrated by three separate and distinct clusters of threat actors. These espionage operations, occurring simultaneously or nearly so, affected
Sep 25, 2023THNCyber Attack / Phishing Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. “Since drones or Unmanned Aerial Vehicles (UAVs) have been an integral tool used by the Ukrainian military, malware-laced lure files themed as UAVs service
Security researchers at SentinelLabs, in collaboration with QGroup, have unveiled a new threat actor known as Sandman. This unidentified group has been launching targeted attacks on telecommunications providers in regions including the Middle East, Western Europe and South Asia. According to an advisory published by SentinelLabs on Thursday, Sandman’s tactics are marked by stealthy lateral movements
Even in today’s cloud-based environments, USB drives are a useful tool. Removable media can perform a variety of tasks, among them quick transfers between systems on different networks or moving installation and configuration files to air-gapped networks. Optical media, such as CDs and DVDs, are also still found in some networks. For all their versatility,
Welcome to the TechCrunch Exchange, a weekly startups-and-markets newsletter. It’s inspired by the daily TechCrunch+ column where it gets its name. Want it in your inbox every Saturday? Sign up here. The Perkins School for the Blind has identified over 1,400 companies that are designing and building products specifically for people with disabilities. I met
Video Two ESET malware researchers took to the LABScon stage this year to deconstruct sophisticated attacks conducted by two well-known APT groups 22 Sep 2023 The lineup of speakers at this year’s edition of LABScon featured two ESET malware researchers who took to the stage to deconstruct sophisticated attacks conducted by two well-known APT groups.
Sep 23, 2023THNCyber Espionage / Malware Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. “Deadglyph’s architecture is unusual as it consists of cooperating components – one a native x64 binary, the other a .NET assembly,” ESET
PhonePe launched the Indus AppStore Developer Platform on Saturday, promising no platform fee or commission on in-app purchases as the Walmart-backed fintech races to win Android developers in Google’s largest market. The Bengaluru-headquartered startup, which has amassed over 450 million registered users on its payments app, said developers can start registering and uploading their apps
The US Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the National Football League (NFL), Allegiant Stadium and Super Bowl LVIII partners, has conducted a cybersecurity tabletop exercise this week in preparation for Super Bowl LVIII. The exercise aimed to assess and enhance cybersecurity response capabilities, plans and procedures for the upcoming event. The Super
DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a Hypertext Transfer Protocol Secure encrypted session. DoH seeks to improve online privacy by hiding DNS queries from view. DoH works similarly to DNS, but HTTPS sessions keep the requests and minimize the information exchanged
Sep 21, 2023THNTelecom Security / Cyber Attack A previously undocumented threat actor dubbed Sandman has been attributed to a set of cyber attacks targeting telecommunic koation providers in the Middle East, Western Europe, and the South Asian subcontinent. Notably, the intrusions leverage a just-in-time (JIT) compiler for the Lua programming language known as LuaJIT as