SonicWall is warning customers that threat actors are distributing a trojanized version of its NetExtender SSL VPN client used to steal VPN credentials. The fake software, which was discovered by SonicWall’s and Microsoft Threat Intelligence (MSTIC) researchers, mimics the legitimate NetExtender v10.3.2.27, the latest available version. The malicious installer file is hosted on a spoofed website
US Homeland Security warns of escalating Iranian cyberattack risks
The U.S. Department of Homeland Security (DHS) warned over the weekend of escalating cyberattack risks by Iran-backed hacking groups and pro-Iranian hacktivists. This warning was issued as a National Terrorism Advisory System bulletin on Sunday and cautions that the Iranian conflict is causing a “heightened threat environment” in the United States, with “low-level” cyberattacks targeting
Malware on Google Play, Apple App Store stole your photos—and crypto
A new mobile crypto-stealing malware called SparkKitty was found in apps on Google Play and the Apple App Store, targeting Android and iOS devices. The malware is a possible evolution of SparkCat, which Kaspersky discovered in January. SparkCat used optical character recognition (OCR) to steal cryptocurrency wallet recovery phrases from images saved on infected devices.
APT28 hackers use Signal chats to launch new malware attacks on Ukraine
The Russian state-sponsored threat group APT28 is using Signal chats to target government targets in Ukraine with two previously undocumented malware families named BeardShell and SlimAgent. To be clear, this is not a security issue in Signal. Instead, threat actors are more commonly utilizing the messaging platform as part of their phishing attacks due to its