Tag: malicious
-
Solana Library Supply Chain Attack Exposes Cryptocurrency Wallets
in SecurityNews
A supply chain attack on the Solana library utilizing malicious npm versions has exposed private keys, putting crypto funds at risk.
First seen on infosecurity-magazine.com
Jump to article: www.infosecurity-magazine.com/news/solana-library-supply-chain-attack/
-
Researchers Uncover 4-Month Cyberattack on U.S. Firm Linked to Chinese Hackers
in SecurityNews
A suspected Chinese threat actor targeted a large U.S. organization earlier this year as part of a four-month-long intrusion. According to Broadcom-owned Symantec, the first evidence of the malicious activity was detected on April 11, 2024 and continued until August. However, the company doesn’t rule out the possibility that the intrusion may have occurred earlier. “The attackers…
-
Thinkware Cloud APK Vulnerability Allows Code Execution With Elevated Privileges
in SecurityNews
A critical vulnerability identified as CVE-2024-53614 has been discovered in the Thinkware Cloud APK version 4.3.46. This vulnerability arises from the use of a hardcoded decryption key within the application. It allows malicious actors to access sensitive data and execute arbitrary commands with elevated privileges, potentially compromising the security of users’ devices and data. The…
-
Protecting Against Bot-Enabled API Abuse
in SecurityNews
APIs have become the backbone of modern digital ecosystems, powering everything from mobile apps to e-commerce platforms. However, as APIs grow in importance, they also become prime targets for malicious actors. Increasingly, bots are being weaponized to exploit vulnerabilities, overwhelm systems, and siphon sensitive data, all without triggering alarms until it’s too late. The rise…
-
Solana Web3.js library backdoored to steal secret, private keys
in SecurityNews
The legitimate Solana JavaScript SDK was temporarily compromised yesterday in a supply chain attack, with the library backdoored with malicious code to steal cryptocurrency private keys and drain wallets.
First seen on bleepingcomputer.com
Jump to article: www.bleepingcomputer.com/news/security/solana-web3js-library-backdoored-to-steal-secret-private-keys/
-
Solana’s popular web3.js library backdoored in supply chain compromise
in SecurityNews
A software supply chain attack has led to the publication of malicious versions of Solana’s web3.js library on the npm registry. Just like the recent Lottie Player …
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2024/12/04/solana-web3-js-supply-chain-compromise/
-
Cloudflare Developer Domains Abused For Cyber Attacks
in SecurityNews
Cloudflare Pages, a popular web deployment platform, is exploited by threat actors to host phishing sites, as attackers leverage Cloudflare’s trusted infrastructure, global CDN, and free hosting to quickly set up and deploy convincing phishing sites. Automatic SSL/TLS encryption enhances the sites’ legitimacy, while custom domains and URL masking further obfuscate their malicious nature. Cloudflare’s…
-
Weaponized Word Documents Attacking Windows Users to Deliver NetSupport BurnsRAT
The threat actors distributed malicious JS scripts disguised as legitimate business documents, primarily in ZIP archives with names like “Purchase request” or “Request for quote.”
-
Researchers Uncover Backdoor in Solana’s Popular Web3.js npm Library
in SecurityNews
Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two malicious versions capable of harvesting users’ private keys with an aim to drain their cryptocurrency wallets. The attack has been detected in versions 1.95.6 and 1.95.7. Both these versions are no longer available for download from…
-
MobSF XSS Vulnerability Let Attackers Inject Malicious Scripts
in SecurityNews
A critical vulnerability has been identified in the Mobile Security Framework (MobSF) that allows attackers to inject malicious scripts into the system. This vulnerability, CVE-2024-53999, is a Stored Cross-Site Scripting (XSS) flaw found in the “Diff or Compare
-
CISA Releases Advisory to Monitor Networks to Detect Malicious Cyber Actors
in SecurityNews
Tags: advisory, china, cisa, cyber, cybersecurity, exploit, infrastructure, malicious, network, threat
The National Security Agency (NSA) has partnered with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and other entities to release a critical advisory. This initiative comes in response to the exploitation of major global telecommunications providers by a threat actor affiliated with the People’s Republic of China (PRC). The…
-
Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses
in SecurityNews
Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted Microsoft Office documents and ZIP archives as a way to bypass email defenses. “The ongoing attack evades #antivirus software, prevents uploads to sandboxes, and bypasses Outlook’s spam filters, allowing the malicious emails to reach your inbox,” ANY.RUN said in a series of posts…
-
First-ever Linux UEFI bootkit turns out to be student project
in SecurityNews
Tags: antivirus, attack, authentication, awareness, computer, conference, cybersecurity, firmware, linux, malicious, malware, microsoft, risk, software, technology, threat, training, update, windows
Bootkitty, a recently discovered boot-level UEFI rootkit for Linux, was evidently created by students participating in a cybersecurity training program at the South Korean Information Technology Research Institute (KITRI). The bootkit, found and analyzed by researchers from antivirus vendor ESET last week, showed signs of being a proof of concept rather than production-ready malware. Nevertheless, the…
-
First-ever Linux UEFI bootkit turns out to be research project
in SecurityNews
Tags: antivirus, attack, authentication, awareness, computer, conference, cybersecurity, firmware, linux, malicious, malware, microsoft, risk, software, technology, threat, training, update, windows
Bootkitty, a recently discovered boot-level UEFI rootkit for Linux, was evidently created by students participating in a cybersecurity training program at the South Korean Information Technology Research Institute (KITRI). The bootkit, found and analyzed by researchers from antivirus vendor ESET last week, showed signs of being a proof of concept rather than production-ready malware. Nevertheless, the…
-
16 Zero-Days Uncovered in Fuji Electric Monitoring Software
in SecurityNews
Flaws in Fuji’s Tellus and V-Server Software Pose Risks to Critical Infrastructure. Security researchers have uncovered 16 zero-day vulnerabilities in Japanese equipment manufacturer Fuji Electric’s Tellus and V-Server remote monitoring software that enable attackers to execute malicious code in devices commonly used by utilities and other critical infrastructure providers.
First seen on govinfosecurity.com
Jump to…
-
Cloudflare’s developer domains increasingly abused by threat actors
in SecurityNews
Cloudflare’s ‘pages.dev’ and ‘workers.dev’ domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for phishing and other malicious activities.
First seen on bleepingcomputer.com
Jump to article: www.bleepingcomputer.com/news/security/cloudflares-developer-domains-increasingly-abused-by-threat-actors/
-
PEFT-As-An-Attack, Jailbreaking Language Models For Malicious Prompts
Federated Parameter-Efficient Fine-Tuning (FedPEFT) is a technique that combines parameter-efficient fine-tuning (PEFT) with federated learning (FL) to improve the efficiency and privacy of training large language models (PLMs) on specific tasks. However, this approach introduces a new security risk called “PEFT-as-an-Attack
-
Hackers Exploited Windows Event Logs Tool log Manipulation, And Data Exfiltration
wevtutil.exe, a Windows Event Log management tool, can be abused for LOLBAS attacks. By manipulating its capabilities, attackers can execute arbitrary commands, download malicious payloads, and establish persistence, all while evading traditional security measures. It is a Windows tool for event log management that can be exploited by attackers to manipulate system logs, potentially concealing…
-
SmokeLoader picks up ancient MS Office bugs to pack fresh credential stealer
in SecurityNews
Threat actors are using a well-known modular malware loader, SmokeLoader, to exploit known Microsoft Office vulnerabilities and steal sensitive browser credentials. The loader, which runs a framework to deploy multiple malware modules, was observed by Fortinet’s FortiGuard Labs in attacks targeting manufacturing, healthcare, and IT companies in Taiwan. “SmokeLoader, known for its ability to deliver other malicious…
-
Just Like Windows: Linux Targeted by First-Ever UEFI Bootkit – UPDATED
in SecurityNews
Linux-Targeting Bootkitty Appears More Proof-of-Concept Than Threat, Researchers Say. Cybersecurity researchers have discovered the first-ever UEFI bootkit designed to target Linux systems and subvert their boot process for malicious purposes. The Bootkitty malware, first uploaded to VirusTotal this month, appears to be more proof of concept than full-fledged threat, they said.
First seen on govinfosecurity.com…
-
Malicious Ads in Search Results Are Driving New Generations of Scams
in SecurityNews
The scourge of “malvertising” is nothing new, but the tactic is still so effective that it’s contributing to the rise of investment scams and the spread of new strains of malware.
First seen on wired.com
Jump to article: www.wired.com/story/malicious-ads-in-search-results-are-driving-new-generations-of-scams/
-
Beware Of Malicious PyPI Packages That Inject infostealer Malware
Recent research uncovered a novel crypto-jacking attack targeting the Python Package Index (PyPI), where malicious actors uploaded a legitimate-seeming cryptocurrency client package, “aiocpa,
-
How threat actors can use generative artificial intelligence?
in SecurityNews
Generative Artificial Intelligence (GAI) is rapidly revolutionizing various industries, including cybersecurity, allowing the creation of realistic and personalized content. The capabilities that make Generative Artificial Intelligence a powerful tool for progress also make it a significant threat in the cyber domain. The use of GAI by malicious actors is becoming increasingly common, enabling them to…