Friday, July 31, 2020

Latest Tech News

The creators of TrickBot have once again updated their malware with new functionality, and it can now target Linux devices through its new DNS command and control tool, Anchor_DNS.

While TrickBot originally started out as a banking trojan, the malware has evolved to perform other malicious behaviors including spreading laterally through a network, stealing saved credentials in browsers, stealing cookies, checking a device's screen resolution and now infecting Linux as well as Windows devices.

TrickBot is also malware-as-a-service and cybercriminals rent access to it in order to infiltrate networks and steal valuable data. Once this is done, they then use it to deploy ransomware such as Ryuk and Conti in order to encrypt devices on the network as the final stage of their attack.

At the end of last year, SentinelOne and NTT reported that a new TrickBot framework called Anchor uses DNS to communicate with its C&C servers. Anchor_DNS is used to launch attacks against high-value and high-impact targets that possess valuable financial information. The TrickBot Anchor can also be used as a backdoor in APT-like campaigns which target both point-of-sale and financial systems.

Anchor_DNS

Up until now, Anchor has been a Windows malware but Stage 2 Security researcher Waylon Grange discovered a new sample which shows that Anchor_DNS has been ported to a new Linux backdoor version called 'Anchor_Linux'.

In addition to acting as a backdoor that can be used to drop and run malware on Linux devices, the malware also contains an embedded Windows TrickBot executable that can be used to infect Windows machines on the same network.

Once copied to a Windows device, Anchor_Linux then configures itself as a Windows service. After configuration, the malware is started on the Windows host and it connects back to an attacker's C&C server where it receives commands to execute.

The fact that TrickBot has been ported to Linux is especially worrying since many IoT devices including routers, VPN devices and NAS devices run on Linux. Concerned Linux users can find out if they have been infected by looking for a log file at /tmp/anchor.log on their systems. If this file is found, users should perform a complete audit of their systems to search for the Anchor_Linux malware.

Via BleepingComputer



from TechRadar - All the latest technology news https://ift.tt/3hV6rRd

Latest Tech News

As countries around the world started providing Covid-19 contact tracing apps to their citizens, cybercriminals used this to their advantage to distribute Android malware, according to a new report from EclecticIQ and ThreatFabric.

Researchers from both companies as well as others identified malicious Android apps that were disguised as the official contact tracing applications for Colombia, India, Singapore and Indonesia. Surprisingly, the sample from India was released just 13 days after the official Indian contact tracing app was made available on the Google Play Store.

After analyzing the samples, EclecticIQ and ThreatFabric found they used the commodity and open source malware SpyMax, SpyNote and Aymth. The attackers also repackaged applications with Metasploit to give them remote access trojan capabilities.

To distribute their malicious contact tracing apps, the cybercriminals relied on phishing links that were designed to trick users into installing their apps.

Malicious contact tracing apps

Based on the findings of EclecticIQ and ThreatFabric's report, it is almost certain that threat actors will continue to use commodity and open source-based malware disguised as legitimate contact tracing apps for financial gain.

The low barrier to entry provided by these tools, combined with the continued rollout of contact tracing apps by countries around the world, presents a continued financial opportunity for cybercriminals into the near future.

Cyber threat intelligence specialist at EclecticIQ's Fusion Center, Peter Ferguson, explained in a press release that users should only download Covid-19 contact tracing apps from official app stores, saying:

"Users should never download contact tracing Android applications from links sent to them or from third party stores. If they are interested in downloading their nation's contact tracing application, they should use the official site or the Google Play Store."

Throughout the pandemic, cybercriminals have repeatedly tried to capitalize on the disruption it has caused worldwide by using Covid-19 as a lure to trick users into installing malware on their devices. They will likely continue to launch similar campaigns because of how successful they've been so far. This means that businesses and consumers need to remain vigilant when it comes to Covid-19-related threats and scams.



from TechRadar - All the latest technology news https://ift.tt/33lvbho

Latest Tech News

The Canon EOS R5 hasn't exactly had an easy ride since its launch a few weeks ago, with overheating criticism recently followed up by speculation that shipments have been delayed or that it could even be recalled. But Canon has poured cold water on these rumors with some official statements.

We asked Canon Australia and Canon UK for an official response to reports from Canon Rumors and EOSHD that it could delay the second shipment of Canon EOS R5 cameras, or even recall the mirrorless hybrid for a hardware fix, as speculated by PetaPixel.

A Canon Australia spokesperson told us that it "can confirm that there have been no delays in local shipment, with the first local pre-order consumers collecting their EOS R5 units from local retailers starting from yesterday".

The spokesperson also went further, stating: "The EOS R5 has already started to ship in some countries – Australia is 100% one of them. Locally, we do have a lot of stock on back-order, however, due to the high number of pre-orders made. Any future timelines on shipping have no connection to speculation of overheating – we are simply working in the parameters of a supply chain affected by the global pandemic."

While that doesn't specifically quell rumors that the second batch of EOS R5s could be delayed until November, it does suggest that any potential delays would be down to the knock-on effects of the pandemic, rather than any possible recall.

We're still waiting for a response from Canon UK, although a separate statement from Canon USA appears to have been issued to PetaPixel – it says: "Orders of the EOS R5 are scheduled to be delivered as initially stated at launch. The first set of cameras shipped from our warehouses this week. We eagerly await the content that will be produced by talented creatives using this camera to be shared with the world."

Again, this doesn't specifically address rumors, fueled by speculation from EOSHD about German retailers not receiving their EOS R5 allocations, that the camera's second shipment could be delayed. But it does at least suggest that early orders are being fulfilled and that no recall is currently being planned.  

Feeling the heat

So where does this leave the Canon EOS R5? We'll no doubt get further clarification from Canon in the coming days or weeks, but despite the speculation nothing much has changed. The EOS R5 is currently out of stock (or 'backordered') in Canon's US, Australia and UK stores, and there are no dates yet for when the next units will be available.

Any speculation that the full-frame mirrorless flagship could be recalled also remains just that. Canon issued a statement that openly clarified the heat-related limitations of the EOS R5, and its need for 'recovery times' when pushed to its limits.

Such heat-related restrictions are also nothing new for cameras, particularly full-frame models with the EOS R5's video powers, which is why external recorders like the Atomos Ninja have become a common feature of filming setups.

We're in the process of testing the Canon EOS R5, so will be able to give our verdict on its relative strengths for video and stills soon. It also seems likely, as Canon Rumors has suggested, that a firmware update addressing the camera's heat management will be en route too.

Until then, we'll make sure we bring you any more official updates from Canon on when its mirrorless flagship is likely to be shipping again or available to order.



from TechRadar - All the latest technology news https://ift.tt/3hYBig2

Thursday, July 30, 2020

Latest Gadgets News

Realme 6i will go on its first sale today at 12pm (noon) while the Realme Narzo 10A will go on yet another flash sale at the same time. Both the phones will be sold on Flipkart and Realme India website. The Realme 6i was launched last week as a rebranded variant of the Realme 6s that previously launched in Europe.

from Gadgets 360 https://ift.tt/3jYEgmv

Latest Gadgets News

Oppo Reno 4 Pro India launch event will begin at 12.30pm today. The phone is said to go on sale on Flipkart and is teased to come with a 6.5-inch display with 90Hz refresh rate and "3D borderless sense screen."

from Gadgets 360 https://ift.tt/2EEBpPv

Time to report? Follow these steps to tell the IRS your stimulus payment is missing - CNET

The second stimulus check is currently being negotiated in Washington. If you're still waiting for your first one, here's how to let the federal agency know about your absent money.

from CNET https://ift.tt/30h6bpX

Latest Gadgets News

Honor 9A, Honor 9S, and Honor MagicBook 15 are set to launch in India today. While the Honor 9A and Honor 9S will be the brand’s latest affordable phones, the MagicBook 15 will be its first notebook arriving in the country.

from Gadgets 360 https://ift.tt/2P98dSm

Help save Space Camp! Crowdfunding campaign started to prevent shutdown - CNET

The Space Camp at U.S. Space & Rocket Center at NASA's Marshall Space Flight Center needs help from space fans to stay afloat during the quarantine.

from CNET https://ift.tt/39F01TA

Can coronavirus live on your clothes and shoes? Here's what we know right now - CNET

Should you leave your shoes outside and immediately wash your clothes when you get home? We answer these questions and more.

from CNET https://ift.tt/3fg8q0E

The best tower fans for 2020 (and 4 you should skip) - CNET

Tower fans are the unsung heroes of a summer stuck at home, so we tested a bunch of them out to find our favorites. Here's what we recommend.

from CNET https://ift.tt/2VV6J2a

15 best movies to watch on Amazon Prime Video - CNET

A heap of gems can be found on Amazon. Let's round them up.

from CNET https://ift.tt/3feE1Qs

15 best TV shows to watch on Amazon Prime Video - CNET

From superhero actioners to irreverent comedies, here are some of the best shows Amazon has to offer.

from CNET https://ift.tt/39HQ9bs

50 of the best TV shows to binge on Netflix - CNET

Need something great to watch? Here are the best TV shows Netflix has to offer.

from CNET https://ift.tt/3feE4vC

How to watch or stream Bill & Ted Face the Music online - CNET

The next installment of Bill & Ted's time-traveling, world-saving adventures is heading to theaters and on demand in September.

from CNET https://ift.tt/3fcgbVv

Facebook announces internet nostalgia app E.gg - CNET

The Geocities look is back.

from CNET https://ift.tt/3fbOZX7

Don't 'Phub' Your Family and Friends Over the Holidays. Make One Small Change to Your Phone Etiquette

Keeping your phone face down on the table can keep you more present and less distracted.

from CNET https://ift.tt/7QniOow