Vera Bradley Reveals Data Breach at Retail Stores
Vera Bradley, the maker of women’s handbags and accessories, said attackers compromised its payment processing system and were able to steal card data for customers who used cards in the company’s stores from the end of July through late September. The data breach doesn’t affect cards that were used online and the company hasn’t specified […]
Malware Infecting Seagate NAS Devices to Mine Monero Cryptocurrency
Attackers are using a nasty piece of malware to infect Seagate storage devices and then jump to the PCs connected to the NAS devices and use the machines to mine the Monero open source cryptocurrency. Researchers at Sophos, taking an in-depth look at the Miner-C malware, discovered that it is infecting large numbers of NAS devices […]
Researchers Find Strong Ties Between Equation Group Tools and Shadow Brokers Dump
The researchers who originally uncovered the Equation Group, a hacking team strongly believed to be tied to the NSA, says that the trove of offensive tools, exploits, and files apparently stolen from that group and dumped online this week has a “strong connection” to the Equation Group’s known toolsets. An anonymous group calling itself the Shadow […]
Vaw Yeah: Vawtrak Trojan Adds Certificate Pinning to Its Arsenal
Banking Trojans have fallen out of the threat spotlight lately, thanks to all of the shine going to ransomware, but they are still out there doing their business. And in some cases, like the venerable Vawtrak malware, the authors are making important and interesting tweaks to their creations to stay ahead of the defenders. Vawtrak […]
Banking Trojan Lurks in Legitimate Software
Cybercriminals have been relying on the watering hole attack for many years as a consistent method for getting their malware onto victims’ machines. Recently, security researchers discovered that one group of attackers had compromised the site of a legitimate software company and found a way to insert their banking Trojan’s code into the company’s own downloader. The […]
Android Malware Impersonates Google Play, WhatsApp
Overlay malware has emerged as one of the more pernicious threats on mobile devices, particularly Android phones, and researchers have now discovered a new SMS phishing campaign that uses overlay malware to steal credentials for mobile banking apps and messaging apps. The attackers behind the campaign are using a wide range of lures and a […]
Android Overlay Malware Targeting Banking Apps
There is a growing crop of mobile malware that is designed to overlay a user’s phone screen and harvest banking and other credentials, and the attackers behind these tools have thoughtfully created a range of options, from low-end to premium priced. Researchers at IBM’s X-Force team have been tracking a variety of mobile malware samples […]
Massive Bank of Bangladesh Attack Hit SWIFT Payment System
Attackers who pulled off the massive bank fraud at the Bangladesh Bank in February did so by using custom malware and attack tools that were able to monitor the internal messages that conduct financial transactions, delete certain messages, and then insert others to send money to accounts they control, researchers say. The tools targeted the SWIFT […]
New Version of CenterPOS Malware Emerges
Researchers have discovered a new version of the CenterPOS malware that is capable of scraping memory and finding credit card data in running processes on infected devices. The malware is the latest iteration of CenterPOS, a family of point-of-sale malware that researchers have been tracking for several months. CenterPOS has been seen infecting PoS devices […]