Blog

Geico data breach exposed customers’ driver’s license numbers for more than a month

Insurance company Geico suffered a data breach earlier this year that exposed customers’ driver’s license numbers for more than a month, according to a data breach notice filed with the attorney general of California. First reported by TechCrunch, Geico says in the notice that it has fixed the security issue that led to the breach. “We recently determined

Read More

(Are you) afreight of the dark? Watch out for Vyveva, new Lazarus backdoor

ESET researchers have discovered a previously undocumented Lazarus backdoor, which they have dubbed Vyveva, being used to attack a freight logistics company in South Africa. The backdoor consists of multiple components and communicates with its C&C server via the Tor network. So far, we have been able to find its installer, loader and main payload

Read More

Fake Netflix App on Google Play Spreads Malware Via WhatsApp

The wormable malware spread from Android to Android by sending messages offering free Netflix Premium for 60 days. Malware disguised as a Netflix app, lurking on the Google Play store, spread through WhatsApp messages, researchers have discovered. According to a Check Point Research analysis released on Wednesday, the malware masqueraded as an app called “FlixOnline,”

Read More

FBI: APTs Actively Exploiting Fortinet VPN Security Holes

Three security vulnerabilities in the Fortinet SSL VPN are being used to gain a foothold within networks before moving laterally and carrying out recon. UPDATE The FBI and the Cybersecurity and Infrastructure Security Agency are warning that advanced persistent threat (APT) nation-state actors are actively exploiting known security vulnerabilities in the Fortinet FortiOS cybersecurity operating

Read More