New spyware has been detected that targets iOS and Android users who patronize illicit sites that typically offer escort services.  The malware, named Goontact by the Lookout researchers who discovered it, targets heterosexual users in China, Korea, Japan, Thailand, and Vietnam, stealing personal information from their mobile devices.  Researchers noted: “The types of sites used to distribute these malicious apps and the information exfiltrated suggests that the ultimate goal is extortion or blackmail.” Goontact frequently disguises itself…

Last week, during the Docker Community All Hands, we announced the availability of a developer preview build of Docker Desktop for Macs running on M1 through the Docker Developer Preview Program. We already have more than 1,000 people testing these builds as of today. If you’re interested in joining the program for future releases you should do it today! As I’m sure you know by now, Apple has recently shipped the first Macs based on…

Adrozek Malware is Wreaking Havoc on Web Browsers: How to Stay Protected Every few weeks, there seems to be breaking news about large-scale data breaches that affect millions – but what about the lesser-known threats that lurk quietly in the shadows? Oftentimes, these are the scams that could wreak havoc on our day-to-day digital lives. Adrozek malware is just that: a new strain that affects web browsers, stealthily stealing credentials through “drive-by downloads,” or a…

Adrozek Malware is Wreaking Havoc on Web Browsers: How to Stay Protected Every few weeks, there seems to be breaking news about large-scale data breaches that affect millions – but what about the lesser-known threats that lurk quietly in the shadows? Oftentimes, these are the scams that could wreak havoc on our day-to-day digital lives. Adrozek malware is just that: a new strain that affects web browsers, stealthily stealing credentials through “drive-by downloads,” or a…

Part I of II Situation In a blog post released 13 Dec 2020, FireEye disclosed that threat actors compromised SolarWinds’s Orion IT monitoring and management software with a trojanized version of SoalrWinds.Orion.Core.BusinessLayer.dll. The trojanized file delivers the SUNBURST malware through a backdoor as part of a digitally-signed Windows Installer Patch. Use of a Compromised Software Supply Chain (T1195.002) as an Initial Access technique is particularly critical as it can go undetected for a long period. FireEye…

Refinitiv has added to its cybercrime-fighting capabilities by acquiring an American digital identity, payments verification, and fraud prevention company. The definitive agreement to acquire Giact Systems, LLC (“GIACT“) was announced on November 2. News that the planned deal had officially closed was shared by Refinitiv on December 9.  GIACT was founded in Texas in 2004 and now has over 100 employees supporting more than 1,000 leading blue-chip companies, payment merchants, and financial and insurance customers.   The company helps businesses verify customers…