Tag: malicious
-
Malware Delivered via Malicious Pidgin Plugin, Signal Fork
by
in SecurityNewsThreat actors delivered malware via instant messaging applications, including a malicious Pidgin plugin and an unofficial Signal fork. The post Malwar… First seen on securityweek.com Jump to article: www.securityweek.com/malware-delivered-via-malicious-pidgin-plugin-signal-fork/
-
Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks
Malicious actors are using a cloud attack tool named Xeon Sender to conduct SMS phishing and spam campaigns on a large scale by abusing legitimate ser… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/xeon-sender-tool-exploits-cloud-apis.html
-
Exchange Online mistakenly tags emails as malware
by
in SecurityNewsMicrosoft is investigating an Exchange Online false positive issue causing emails containing images to be wrongly tagged as malicious and sent to quar… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-exchange-online-mistakenly-tags-emails-as-malware/
-
Novel Technique Allows Malicious Apps To Escape Walled Gardens
by
in SecurityNews
Tags: maliciousFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36244/Novel-Technique-Allows-Malicious-Apps-To-Escape-Walled-Gardens.html
-
Versa fixes Director zero-day vulnerability exploited in attacks
by
in SecurityNewsVersa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an unrestricted … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/versa-fixes-director-zero-day-vulnerability-exploited-in-attacks/
-
Log4j Vulnerability Exploited Again To Deploy Crypto-Mining Malware
by
in SecurityNewsRecent attacks exploit the Log4j vulnerability (Log4Shell) by sending obfuscated LDAP requests to trigger malicious script execution, which establishe… First seen on gbhackers.com Jump to article: gbhackers.com/log4j-exploited-crypto-mining/
-
Android malware uses NFC to steal money at ATMs
ESET researchers uncovered NGate malware, which can relay data from victims’ payment cards via a malicious app installed on their Android devices to t… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/22/android-malware-nfc-data-atm-withdrawals/
-
New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads
by
in SecurityNewsCybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of i… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/new-peaklight-dropper-deployed-in.html
-
The Growing Challenge of Headless Browser Attacks: How to Defend Your Digital Assets
by
in SecurityNewsIn the escalating battle against malicious headless bots, basic detection methods are no longer sufficient. As cybercriminals refine their techniques … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/the-growing-challenge-of-headless-browser-attacks-how-to-defend-your-digital-assets/
-
Cryptohack Roundup: Investors Sue Binance
by
in SecurityNewsAlso: Malicious Chrome Extension; Mango Markets-SEC Settlement. This week, Binance, ASX and Google sued; Solana users targeted; McDonalds’ X account h… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-investors-sue-binance-a-26116
-
Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service
by
in SecurityNewsCybersecurity researchers have discovered two security flaws in Microsoft’s Azure Health Bot Service that, if exploited, could permit a malicious acto… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/researchers-uncover-vulnerabilities-in_0471960302.html
-
Rogue PyPI Library Solana Users, Steals Blockchain Wallet Keys
by
in SecurityNewsCybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that masquerades as a library from the… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/rogue-pypi-library-solana-users-steals.html
-
Autodesk AutoCAD Vulnerability Let Attackers Execute Arbitrary Code
by
in SecurityNewsAutodesk has disclosed a critical vulnerability in its AutoCAD software, which could allow malicious actors to execute arbitrary code. This vulnerabil… First seen on gbhackers.com Jump to article: gbhackers.com/autodesk-autocad-vulnerability/
-
Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions
by
in SecurityNewsHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unpatched MS Office flaw may leak NTLM hashes to att… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/18/week-in-review-ms-office-flaw-may-leak-ntlm-hashes-malicious-chrome-edge-browser-extensions/
-
Sonos Speaker Flaws Could Have Let Remote Hackers Eavesdrop on Users
by
in SecurityNewsCybersecurity researchers have uncovered weaknesses in Sonos smart speakers that could be exploited by malicious actors to clandestinely eavesdrop on … First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/new-flaws-in-sonos-smart-speakers-allow.html
-
Tech support scammers impersonate Google via malicious search ads
Google Search ads that target users looking for Google’s own services lead them to spoofed sites and Microsoft and Apple tech support scams. The fake … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/16/google-ads-support-scams/
-
0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices
by
in SecurityNewsCybersecurity researchers have discovered a new 0.0.0.0 Day impacting all major web browsers that malicious websites could take advantage of to breach… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/0000-day-18-year-old-browser.html
-
Millions of Pixel devices can be hacked due to a pre-installed vulnerable app
by
in SecurityNewsMany Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixe… First seen on securityaffairs.com Jump to article: securityaffairs.com/167130/security/pixel-devices-pre-installed-vulnerable-app.html
-
Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords
by
in SecurityNewsCybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious Java… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/roundcube-webmail-flaws-allow-hackers.html
-
North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry
by
in SecurityNewsThe North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package registry with the … First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/north-korean-hackers-moonstone-sleet.html
-
0.0.0.0 Day Browser Flaw Enables Malicious Requests To Local Networks
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36198/0.0.0.0-Day-Browser-Flaw-Enables-Malicious-Requests-To-Local-Networks.html
-
Malicious browser extensions leveraged in widespread malware compromise
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/malicious-browser-extensions-leveraged-in-widespread-malware-compromise
-
AWS unveils Mithra to identify and mitigate malicious domains across its massive system
by
in SecurityNewsWhen a company is the size of Amazon, a lot of bad actors will come after it and its customers, which makes defending the network a monster job. Over … First seen on techcrunch.com Jump to article: techcrunch.com/2024/08/05/aws-launches-mithra-to-identify-and-mitigate-malicious-domains/
-
China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates
The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider (ISP) to push malicious software updates to targ… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/china-linked-hackers-compromise-isp-to.html
-
Chrome, Edge users beset by malicious extensions that can’t be easily removed
by
in SecurityNewsA widespread campaign featuring a malicious installer that saddles users with difficult-to-remove malicious Chrome and Edge browser extensions has bee… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/12/chrome-edge-malicious-browser-extensions/
-
Hackers posing as Ukraine’s Security Service infect 100 govt PCs
by
in SecurityNewsAttackers impersonating the Security Service of Ukraine (SSU) have used malicious spam emails to target and compromise systems belonging to the countr… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-posing-as-ukraines-security-service-infect-100-govt-pcs/
-
Malware-asService and Ransomware-asService lower barriers for cybercriminals
by
in AllgemeinThe sophistication of cyber threats has escalated dramatically, with malicious actors’ deploying advanced tactics, techniques, and procedures (TTPs) t… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/09/maas-threat-landscape/
-
China’s Evasive Panda Attacks ISP to Send Malicious Software Updates
First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinas-evasive-panda-attacks-isp-to-send-malicious-software-updates