Tag: malicious
-
Beware Of Malicious Chrome Extension That Delivers Weaponized ZIP Archive
In August 2024, researchers detected a malicious Google Chrome browser infection that led to the distribution of LummaC2 stealer malware that utilized… First seen on gbhackers.com Jump to article: gbhackers.com/malicious-chrome-extension-zip/
-
Malicious npm Packages Mimicking ‘noblox.js’ Compromise Roblox Developers’ Systems
by
in SecurityNews
Tags: maliciousRoblox developers are the target of a persistent campaign that seeks to compromise systems through bogus npm packages, once again underscoring how thr… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/malicious-npm-packages-mimicking.html
-
AI cybersecurity needs to be as multi-layered as the system it’s protecting
by
in SecurityNewsCybercriminals are beginning to take advantage of the new malicious options that large language models (LLMs) offer them. LLMs make it possible to upl… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/09/ai-cybersecurity-needs/
-
How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions
by
in SecurityNewsAn adversary could exploit these vulnerabilities by injecting malicious libraries into Microsoft’s applications to gain their entitlements and user-gr… First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/how-multiple-vulnerabilities-in-microsoft-apps-for-macos-pave-the-way-to-stealing-permissions/
-
Alert: Hackers Use Bogus npm Packages To Target Developers
by
in SecurityNewsNorth Korean threat actors have recently been observed publishing malicious packages to the npm registry. Reports claim that these acts now indicate u… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/alert-hackers-use-bogus-npm-packages-to-target-developers/
-
North Korean Hackers Target Developers with Malicious npm Packages
by
in SecurityNewsThreat actors with ties to North Korea have been observed publishing a set of malicious packages to the npm registry, indicating coordinated and relen… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/north-korean-hackers-target-developers.html
-
Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks
A years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet.CVE-2024-7… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/unpatched-avtech-ip-camera-flaw.html
-
Malicious payloads deployed via MacroPack framework
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/malicious-payloads-deployed-via-macropack-framework
-
Malicious JavaScript facilitates Cisco store customer info theft
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/malicious-javascript-facilitates-cisco-store-customer-info-theft
-
Red team tool ‘MacroPack’ abused in attacks to deploy Brute Ratel
The MacroPack framework, initially designed for Red Team exercises, is being abused by threat actors to deploy malicious payloads, including Havoc, Br… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/red-team-tool-macropack-abused-in-attacks-to-deploy-brute-ratel/
-
Hackers inject malicious JS in Cisco store to steal credit cards, credentials
by
in SecurityNewsCisco’s site for selling company-themed merchandise is currently offline and under maintenance due to hackers compromising it with JavaScript code tha… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-inject-malicious-js-in-cisco-store-to-steal-credit-cards-credentials/
-
Halliburton Confirms Data Stolen in Cyberattack
by
in SecurityNewsThe US oil giant updated an SEC filing to confirm malicious hackers accessed and exfiltrated information from its corporate systems. The post Hallibur… First seen on securityweek.com Jump to article: www.securityweek.com/halliburton-data-theft/
-
Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers
by
in SecurityNewsA new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate down… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/hackers-hijack-22000-removed-pypi.html
-
New Fury Stealer Attacking Victims to Steal Login Passwords
A new malicious software named >>Fury Stealer
-
PEAKLIGHT Downloader Deployed in Attacks Targeting Windows with Malicious Movie Downloads
by
in SecurityNewsCybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of i… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/new-peaklight-dropper-deployed-in.html
-
Dodging the Cyber Bullet: Early Signs of a Ransomware Attack
by
in SecurityNewsRansomware attacks are a growing menace. Malicious actors are constantly honing their tactics to exploit vulnerabilities and extort ransoms from busin… First seen on itsecurityguru.org Jump to article: www.itsecurityguru.org/2024/08/19/dodging-the-cyber-bullet-early-signs-of-a-ransomware-attack/
-
Operation Oxidovy, Threat Actors Targeting Government And Military Officials
by
in SecurityNewsThe recent campaign targeting the Czech Republic involves a malicious ZIP file that contains a decoy LNK file and a batch script. The LNK runs the bat… First seen on gbhackers.com Jump to article: gbhackers.com/operation-oxidovy-threat-actors/
-
Critical Flaws in Progress Software WhatsUp Gold Expose Systems to Full Compromise
by
in SecurityNewsCensys warns of over 1,200 internet-accessible WhatsUp Gold instances potentially exposed to malicious attacks. The post Critical Flaws in Progress So… First seen on securityweek.com Jump to article: www.securityweek.com/critical-flaws-in-progress-software-whatsup-gold-expose-systems-to-full-compromise/
-
Hackers Exploited Digital Advertising Tools to Launch Malicious Campaigns
by
in SecurityNewsCybersecurity researchers from Mandiant and Google Cloud have uncovered a sophisticated scheme where hackers exploit digital advertising tools to cond… First seen on gbhackers.com Jump to article: gbhackers.com/hackers-exploited-digital-advertising-tools/
-
North Korean Cyberattacks Persist: Developers Targeted via npm
by
in SecurityNewsRecent findings by the Phylum Research Team have brought to light a resurgence of malicious activities on the npm registry, with multiple attack vecto… First seen on securityonline.info Jump to article: securityonline.info/north-korean-cyberattacks-persist-developers-targeted-via-npm/
-
Malicious North Korean packages appear again in open source code repository
by
in SecurityNewsFirst seen on therecord.media Jump to article: therecord.media/npm-javascript-repository-north-korean-malware
-
Combating alert fatigue by prioritizing malicious intent
by
in SecurityNews
Tags: maliciousFirst seen on scmagazine.com Jump to article: www.scmagazine.com/perspective/combating-alert-fatigue-by-prioritizing-malicious-intent
-
DarkGate malware spread through malicious Pidgin plugin
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/darkgate-malware-spread-through-malicious-pidgin-plugin
-
PoorTry Windows driver evolves into a full-featured EDR wiper
by
in SecurityNewsThe malicious PoorTry kernel-mode Windows driver used by multiple ransomware gangs to turn off Endpoint Detection and Response (EDR) solutions has evo… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/poortry-windows-driver-evolves-into-a-full-featured-edr-wiper/
-
Versa Director Zero-day Vulnerability Let Attackers Upload Malicious Files
by
in SecurityNewsVersa Networks specializes in successful business. It offers Secure Access Service Edge (SASE), consolidating networking and security services in a si… First seen on gbhackers.com Jump to article: gbhackers.com/versa-director-zero-day-vulnerability-attack/
-
New macOS Malware TodoSwift Linked to North Korean Hacking Groups
by
in SecurityNewsCybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious softwar… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/new-macos-malware-todoswift-linked-to.html
-
A Guide To Selecting The Best URL Filtering Software
by
in SecurityNewsIn the last year alone, the education sector experienced a 44% increase in cyberattacks. Malicious actors frequently target K-12 schools as they posse… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/a-guide-to-selecting-the-best-url-filtering-software/
-
Scam CrowdStrike domains growing in volume
by
in SecurityNewsHundreds of malicious domains exploiting CrowdStrike’s branding are appearing all over the web in the wake of the 19 July outage. Experts from Akamai … First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366599253/Scam-CrowdStrike-domains-growing-in-volume
-
Malware Delivered via Malicious Pidgin Plugin, Signal Fork
by
in SecurityNewsThreat actors delivered malware via instant messaging applications, including a malicious Pidgin plugin and an unofficial Signal fork. The post Malwar… First seen on securityweek.com Jump to article: www.securityweek.com/malware-delivered-via-malicious-pidgin-plugin-signal-fork/