Archive for the ‘cybercrime/malcode’ category: Page 6

Oct 13, 2023

DarkGate Malware Spreading via Messaging Services Posing as PDF Files

Posted in category: cybercrime/malcode

🚨 Beware! DarkGate #malware is now spreading through instant messaging apps like Skype & #Microsoft Teams. Stay cautious and don’t open suspicious documents!

Oct 13, 2023

Adobe Acrobat Reader Vuln Now Under Attack

Posted in category: cybercrime/malcode

Patch now if you haven’t already: Adobe Acrobat Reader exploits are in the wild. #Adobe


The Cybersecurity Infrastructure & Security Agency (CISA) this week added to its catalog of known exploited vulnerabilities an Adobe Acrobat Reader use-after-free bug.

Adobe Acrobat and Reader Document Cloud Versions 22.003.20282 and 22.003.20281 and earlier contain the flaw (CVE-2023-21608), as do Adobe Acrobat and Reader 20.005.30418 and earlier. The use-after-free vuln allows an attacker to remotely execute malicious code on a compromised account, and execute the exploit when a victim opens the rigged PDF file.

Oct 13, 2023

New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software

Posted in category: cybercrime/malcode

🚨 Heads up! A new malware, ZenRAT, is posing as Bitwarden password manager installation packages.

Make sure to download software from trusted sources only.

Oct 12, 2023

New cyber algorithm shuts down malicious robotic attack

Posted in categories: cybercrime/malcode, information science, military, robotics/AI

Australian researchers have designed an algorithm that can intercept a man-in-the-middle (MitM) cyberattack on an unmanned military robot and shut it down in seconds.

In an experiment using deep learning to simulate the behavior of the human brain, artificial intelligence experts from Charles Sturt University and the University of South Australia (UniSA) trained the robot’s operating system to learn the signature of a MitM eavesdropping cyberattack. This is where attackers interrupt an existing conversation or .

The algorithm, tested in real time on a replica of a United States army combat ground vehicle, was 99% successful in preventing a malicious attack. False positive rates of less than 2% validated the system, demonstrating its effectiveness.

Oct 12, 2023

Internet companies report biggest-ever denial of service operation

Posted in categories: cybercrime/malcode, internet

WASHINGTON, Oct 11 (Reuters) — Internet companies Google, Amazon and Cloudflare say they have weathered the internet’s largest-known denial of service attack and are sounding the alarm over a new technique they warn could easily cause widespread disruption.

Alphabet Inc-owned Google (GOOGL.O) said in a blog post published Tuesday that its cloud services had parried an avalanche of rogue traffic more than seven times the size of the previous record-breaking attack thwarted last year.

Internet protection company Cloudflare Inc (NET.N) said the attack was “three times larger than any previous attack we’ve observed.” Amazon.com Inc’s (AMZN.O) web services division also confirmed being hit by “a new type of distributed denial of service (DDoS) event.”

Oct 12, 2023

Researchers Uncover Malware Posing as WordPress Caching Plugin

Posted in category: cybercrime/malcode

A new malware disguises itself as a WordPress caching plugin, secretly creating admin accounts to control your site.

Oct 12, 2023

Researchers Uncover Ongoing Attacks Targeting Asian Governments and Telecom Giants

Posted in categories: cybercrime/malcode, government

Cybersecurity experts uncover an ongoing threat to government and telecom entities in Asia. Learn how a campaign named “Stayin’ Alive” is deploying #malware.

Oct 12, 2023

HTTP/2 Rapid Reset Zero-Day Vulnerability Exploited to Launch Record DDoS Attacks

Posted in category: cybercrime/malcode

⚡ Beware of the HTTP/2 Rapid Reset attack!

A novel zero-day flaw is being exploited to launch record-breaking distributed #DDoS attacks.

Find out more here: https://thehackernews.com/2023/10/http2-rapid-reset-zero-day.html.

Oct 11, 2023

Data Thieves Test-Drive Unique Certificate Abuse Tactic

Posted in categories: cryptocurrencies, cybercrime/malcode

https://informatech.co/3RVp6BM by Elizabeth Montalbano.


Attackers are employing a new type of certificate abuse in an attempt to spread info-stealing malware, with the aim of collecting credentials and other sensitive data. In some instances, the goal is to steal cryptocurrency from Windows systems.

The campaign uses search engine optimization (SEO) poisoning to deliver search results featuring malicious pages promoting illegal software cracks and downloads. In the background, the pages deliver remote access Trojans (RATs) known as LummaC2 and RecordBreaker (aka Raccoon Stealer V2), researchers from South Korea-based AhnLab revealed in a blog post on Oct. 10.

Oct 11, 2023

Badbox Operation Targets Android Devices in Fraud Schemes

Posted in categories: cybercrime/malcode, robotics/AI

After a researcher discovered that an Android TV streaming box, known as T95, was infected with preloaded malware, researchers at Human Security released information regarding the extent of infected devices and how malicious schemes are connected to these corrupted products.

Daniel Milisic, a systems security consultant, created a script alongside instructions to help other users mitigate the threat after first coming across the issue. Now, Human Security’s threat intelligence and research team has dubbed the operation “Badbox,” which it characterizes as a complex, interconnected series of ad fraud schemes on a massive scale.

Human Security describes the operation as “a global network of consumer products with firmware backdoors installed and sold through a normal hardware supply chain.” Once activated, the malware on the devices connects to a command-and-control (C2) server for further instructions. In tandem, a botnet known as Peachpit is integrated with Badbox, and engages in ad fraud, residential proxy services, fake email/messaging accounts, and unauthorized remote code installation.