Tag: malicious
-
9 VPN alternatives for securing remote network access
in SecurityNews
Tags: access, ai, api, attack, authentication, automation, best-practice, business, cloud, compliance, computer, computing, control, corporate, credentials, cve, cybercrime, cybersecurity, data, defense, detection, dns, encryption, endpoint, exploit, firewall, fortinet, group, guide, Hardware, iam, identity, infrastructure, Internet, iot, least-privilege, login, malicious, malware, mfa, microsoft, monitoring, network, office, password, ransomware, risk, router, saas, service, software, strategy, switch, threat, tool, update, vpn, vulnerability, vulnerability-management, waf, zero-trust
Once the staple for securing employees working remotely, VPNs were designed to provide secure access to corporate data and systems for a small percentage of a workforce while the majority worked within traditional office confines. The move to mass remote working brought about by COVID-19 in early 2020 changed things dramatically. Since then, large numbers…
-
Dell Wyse Management Suite Vulnerabilities Let Attackers Exploit Affected Systems Remotely
in SecurityNews
Dell Technologies has released a security update for its Wyse Management Suite (WMS) to address multiple vulnerabilities that could allow malicious users to compromise affected systems. Wyse Management Suite is a flexible hybrid cloud solution that empowers IT admins to securely manage Dell client devices from anywhere. The vulnerabilities identified in Dell Wyse Management Suite are…
-
Infostealers VietCredCare and DuckTail Fuel Facebook Business Account Exploitation
Vietnam has become a hotspot for malicious operations targeting Facebook Business accounts, with threat actors leveraging infostealers like VietCredCare and DuckTail. According to a report from Group-IB, these malware families... First seen on securityonline.info Jump to article: securityonline.info/infostealers-vietcredcare-and-ducktail-fuel-facebook-business-account-exploitation/
-
Thai police arrested Chinese hackers involved in SMS blaster attacks
in SecurityNews
Thai authorities arrested fraud gangs in Bangkok for SMS blaster attacks; they used fake cell towers to send thousands of malicious SMS messages to nearby phones. Thai authorities arrested members of two Chinese cybercrime organizations; one of these groups carried out SMS blaster attacks. The crooks were driving through Bangkok’s streets while sending hundreds of…
-
Mysterious Elephant Using Hajj-Themed Bait in Attacks
Group Deploys Upgraded Malware Disguised as Microsoft File on Pilgrimage Goers. A South Asian threat actor identified as Mysterious Elephant or APT-K-47 by Knownsec 404 researchers is using a Hajj-themed lure to trick victims into running a malicious payload disguised as a Windows file. The hacker is using upgraded Asyncshell malware disguised as a Microsoft Compiled HTML…
-
Authorities catch ‘SMS blaster’ gang that drove around Bangkok sending thousands of phishing messages
in SecurityNews
Thai authorities said the crime gang sent around a million malicious SMS text messages to nearby residents over a three-day period in November. First seen on techcrunch.com Jump to article: techcrunch.com/2024/11/25/authorities-catch-sms-blaster-gang-that-drove-around-bangkok-sending-thousands-of-phishing-messages/
-
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
in SecurityNews
Operation Synergia II took aim at phishing, ransomware, and information stealing. First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2024/11/law-enforcement-operation-takes-down-22000-malicious-ip-addresses-worldwide/
-
Weaponized pen testers are becoming a new hacker staple
in SecurityNews
Tags: access, attack, cloud, credentials, defense, google, hacker, iam, intelligence, linux, macOS, malicious, malware, microsoft, open-source, password, penetration-testing, RedTeam, software, strategy, threat, tool, vulnerability, windows
Malicious adaptations of popular red teaming tools like Cobalt Strike and Metasploit are causing substantial disruption, emerging as a dominant strategy in malware campaigns. According to research by threat-hunting firm Elastic, known for its search-powered solutions, these two conventional penetration testing tools were weaponized to account for almost half of all malware activities in 2024. “The most…
-
Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks
in SecurityNews
Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims to fake login pages hosted on Weebly, targeting telecommunications and financial sectors in late October 2024. Financially motivated threat actors exploit Weebly’s ease of use and reputation to host phishing pages, bypassing security measures and leveraging the platform’s legitimacy to…
-
Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials
in SecurityNews
The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced techniques, whereas recent variants focus on stealing Facebook Ads Manager budget details, potentially enabling malicious ad campaigns. Now they pilfer credit card information alongside browser credentials, and to bypass security measures, the malware utilizes Windows Restart Manager to unlock browser…
-
PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot
The administrators of the Python Package Index (PyPI) repository have quarantined the package “aiocpa” following a new update that included malicious code to exfiltrate private keys via Telegram. The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to…
-
npm Package Lottie-Player Compromised in Supply Chain Attack
in SecurityNews
npm package @lottiefiles/lottie-player hacked with malicious code, draining crypto wallets via web3 pop-ups. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/npm-package-lottieplayer-supply/
-
Wallet Scam: A Case Study in Crypto Drainer Tactics
Crypto drainers are malicious tools that steal digital assets like NFTs and tokens from cryptocurrency wallets. They often … First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2024/walletconnect-scam-a-case-study-in-crypto-drainer-tactics/
-
Blov HTML Crypter: Phishing Evasion Through Encryption and Obfuscation
in SecurityNews
Cybercriminals are sharpening their phishing tactics with tools like Blov HTML Crypter, a utility that modifies HTML files to evade detection by security scanners. By employing techniques such as minification, encryption, and encoding, this tool transforms malicious HTML content into a form that’s harder for security systems to recognize. Contact a SlashNext security expert… First…
-
XSS Vulnerability in Bing.com Let Attackers Send Crafted Malicious Requests
in SecurityNews
A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute malicious JavaScript and send crafted requests to interconnected Microsoft applications like Outlook, OneDrive, and Copilot. The exploit leveraged the trust placed in Bing’s root domain (www.bing.com) as an allowed origin across Microsoft’s ecosystem, posing a significant security risk. The Research…
-
Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections
in SecurityNews
Cybersecurity researchers have uncovered a new malicious campaign that leverages a technique called Bring Your Own Vulnerable Driver (BYOVD) to disarm security protections and ultimately gain access to the infected system. “This malware takes a more sinister route: it drops a legitimate Avast Anti-Rootkit driver (aswArPot.sys) and manipulates it to carry out its destructive agenda,” Trellix…
-
Meta Removed 2 Million Account Linked to Malicious Activities
in SecurityNews
Meta has announced the removal of over 2 million accounts connected to malicious activities, including sophisticated fraud schemes such as “pig butchering.”
-
Massive Credit Card Leak, Database of 1,221,551 Cards Circulating on Dark Web
in SecurityNews
Tags: breach, credit-card, cyber, cybersecurity, dark-web, data, data-breach, finance, leak, malicious
A massive data breach has sent shockwaves across the globe, as a database containing sensitive financial information for over 1.2 million credit cards has been leaked on the dark web. According to reports from cybersecurity watchers, the database was shared for free, making it accessible to malicious actors worldwide. The alarming revelation was first highlighted…
-
Hackers abuse Avast anti-rootkit driver to disable defenses
in SecurityNews
A new malicious campaign is using a legitimate but old and vulnerable Avast Anti-Rootkit driver to evade detection and take control of the target system by disabling security components. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-abuse-avast-anti-rootkit-driver-to-disable-defenses/
-
Response to CISA Advisory (AA24-326A): Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization
in SecurityNews
In response to the recently published CISA Advisory (AA24-326A) which highlights the CISA Red Team’s simulation of real-world malicious cyber operations, AttackIQ has provided actionable recommendations to help organizations emulate these attacks. These guidelines enable organizations to emulate tactics and techniques, helping to assess and improve their defenses against similar adversarial behaviors. First seen on…
-
APT47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware
The threat actor known as Mysterious Elephant has been observed using an advanced version of malware called Asyncshell. The attack campaign is said to have used Hajj-themed lures to trick victims into executing a malicious payload under the guise of a Microsoft Compiled HTML Help (CHM) file, the Knownsec 404 team said in an analysis published…
-
China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign
A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facilitate the delivery of the Cobalt Strike post-exploitation toolkit for follow-on information collection. “The attackers embedded malicious JavaScript in these sites, which spoofed a TLS certificate error to trick visitors into downloading a First seen on…
-
Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps
in SecurityNews
Tags: access, advisory, ai, application-security, attack, backup, best-practice, breach, cisa, cloud, computer, cve, cyber, cyberattack, cybercrime, cybersecurity, data, exploit, extortion, firewall, framework, governance, government, group, guide, Hardware, incident, incident response, infrastructure, injection, intelligence, Internet, LLM, malicious, microsoft, mitigation, mitre, monitoring, network, nist, office, open-source, powershell, privacy, ransomware, regulation, risk, risk-management, russia, service, skills, software, sql, strategy, supply-chain, tactics, technology, theft, threat, tool, update, vulnerability, vulnerability-management, windows
Don’t miss OWASP’s update to its “Top 10 Risks for LLMs” list. Plus, the ranking of the most harmful software weaknesses is out. Meanwhile, critical infrastructure orgs have a new framework for using AI securely. And get the latest on the BianLian ransomware gang and on the challenges of protecting water and transportation systems against…
-
Hackers Use Telegram Channels To Deliver Lumma Stealer Sophisticatedly
Lumma Stealer, a sophisticated information-stealing malware, is spreading through Telegram channels, exploiting the platform’s popularity to bypass traditional security measures and target unsuspecting users, potentially compromising sensitive data. The Telegram channel “hitbase,”…
-
PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries
in SecurityNews
Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular artificial intelligence (AI) models like OpenAI ChatGPT and Anthropic Claude to deliver an information stealer called JarkaStealer. The packages, named gptplus and claudeai-eng, were uploaded by a user named “Xeroline” in November 2023, attracting First seen on thehackernews.com…