October 2019

LONDON — Magecart, the digital card-skimming collective, is now so ubiquitous that its infrastructure is flooding the internet. In a paper presented at Virus Bulletin Read More

LONDON — A recent attack aimed at a U.S.-based oil, gas and chemical supplier leverages the company’s use of the enterprise-class Asterisk open-source PBX software, Read More

A security researcher has identified a flaw in the popular WhatsApp messaging platform on Android devices, which could allow attackers to launch privilege elevation and Read More

Researchers have discovered a new malware strain, dubbed Reductor, that allows hackers to manipulate Hypertext Transfer Protocol Secure (HTTPS) traffic by tweaking a browser’s random Read More

LONDON — A powerful Android botnet dubbed Geost has been spotted targeting Russian citizens, with the end goal of distributing a banking trojan to victims. Read More

Cloud-based customer service company Zendesk notified customers that account information for 10,000 users was accessed prior to November 2016. In a note posted Wednesday, Zendesk Read More

LONDON — Three separate, multi-year APT campaigns targeting region-specific software showcase a savvy technique of leveraging zero-day vulnerabilities in niche software in order to infect Read More

Attackers have a new obfuscation technique that uses the OpenDocument file format for sneaking payloads past antivirus software. Past macro-based attacks have relied on malware Read More

Researchers in Germany have invented a new hack that can allow someone to break the encryption of PDF files and access their content  — or Read More