• 2FA App Loaded with Banking Trojan Infests 10K Victims via Google Play »
  The Vultur trojan steals bank credentials but asks for permissions to do far more damage down the line.
• BotenaGo Botnet Code Leaked to GitHub, Impacting Millions of Devices »
  The malware had already put millions of routers and IoT devices at risk, and now any noob can have at it.
• Shipment-Delivery Scams Become the Favored Way to Spread Malware »
  Attackers increasingly are spoofing the courier DHL and using socially engineered messages related to packages to trick users into downloading Trickbot and other malicious payloads.
• How to Secure Your SaaS Stack with a SaaS Security Posture Management Solution »
  SaaS Security Posture Management (SSPM) named a must have solution by Gartner. Adaptive Shields SSPM solution allows security teams full visibility and control.
• TrickBot Crashes Security Researchers’ Browsers in Latest Upgrade »
  The malware has added an anti-debugging tool that crashes browser tabs when researchers use code beautifying for analysis.
• Apple Fixes 2 Zero-Day Security Bugs, One Exploited in the Wild »
  iOS 15.3 & iPadOS 15.3 fix the Safari browser flaw that could have spilled users’ browsing data, plus a zero day IOMobileFrameBuffer bug exploited in the wild.
• ‘Dark Herring’ Billing Malware Swims onto 105M Android Devices »
  The mobile malware heisted hundreds of millions of dollars from unsuspecting users, thanks to 470 different well-crafted malicious app in Google Play.
• New Year, New Threats: 4 Tips to Activate Your Best Cyber-Defense »
  Need a blueprint for architecting a formidable cyber-defense? Kerry Matre, senior director at Mandiant, shares hers in this detailed breakdown.
• Cybercriminals Love Supply-Chain Chaos: Here’s How to Protect Your Inbox »
  Threat actors use bogus 'shipping delays' to deceive customers and businesses. Troy Gill, senior manager of threat intelligence at Zix, discusses how spoofing is evolving and what to do.
• Linux Bug in All Major Distros: ‘An Attacker’s Dream Come True’ »
  The 12-year-old flaw in the sudo-like Polkit’s pkexec tool, found in all major Linux distributions, is likely to be exploited in the wild within days.