Security Affairs
New Version of Meduza Stealer Released in Dark Web
The Resecurity's HUNTER unit spotted a new version of the Meduza stealer (version 2.2) that was released in the dark web.
The Record
Before the Russian elections, Meduza was the target of "the most intense cyber campaign" in its history. Since then, the onslaught hasn't let up.
The Hacker News
Your crypto wallet, your secrets, even your games – NOTHING is safe from Meduza Stealer. Discover how this crimeware stays ahead of the game.
Security Affairs
Researchers spotted a new Windows information stealer called Meduza Stealer; the authors employ sophisticated marketing strategies to promote it. The Meduza Stealer can steal browsing activities and extract a wide array of browser-related data, including login credentials, browsing history and bookmarks. The malware also targets crypto wallet extensions, password managers, and 2FA extensions. The authors are […]
Infosecurity News
Uptycs discovered the new threat while monitoring dark web forums and Telegram channels
The Record
The organization, operating from Latvia and under constant pressure from the Putin regime, says "our tech team has never encountered threats at this scale before."
Cyber Security News
The iPhone of Galina Timchenko, the co-founder, CEO, and publisher of the Russian independent media outlet Meduza was found to have NSO Group's Pegasus spyware.
The Record
The phone of a prominent Russian journalist and critic of the Kremlin was infected with Pegasus spyware, according to new research.
The Record
All of the newly identified Pegasus victims live in Europe in exile and had previously “faced intense threats” from Russia or Belarus, according to Access Now and Citizen Lab.
The Record
After the news that the prominent media figure Galina Timchenko was hacked with Pegasus, three other Russian-speaking journalists said they too received warnings of spyware on their phones.
The Record
The future of Russia’s infamous Internet Research Agency, a "troll factory" that meddled in the 2016 U.S. presidential election, is uncertain after its founder Yevgeny Prigozhin fled to Belarus following his attempted military coup.
Security Affairs
JinxLoader is a new Go-based loader that was spotted delivering next-stage malware such as Formbook and XLoader.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Google addressed 3 actively exploited flaws in Android Iran-linked APT TA453 targets Windows and macOS systems […]
SecurityWeek
Russia’s state communications watchdog has ordered to completely block access to Facebook in Russia amid the tensions over the war in Ukraine
The Record
News that the Russian security service could potentially get access to data from the Yandex taxi service has raised alarms among users and regulators in Europe and Central Asia.
Security Affairs
State communications watchdog Roskomnadzor has ordered to block access to Facebook in Russia amid the ongoing invasion of Ukraine. State communications watchdog Roskomnadzor ordered to block access to Facebook over its decision to ban Russian media and state information resources. The block comes after Facebook recently deactivated or restricted access to accounts belonging to media […]
SecurityWeek
CISA hacked via Ivanti vulnerabilities, Chinese electronic lock backdoors, 12 million secrets exposed on GitHub.
The Cyber Express
Seven Russian and Belarusian-speaking independent journalists and opposition activists based in Europe were targeted or infected with NSO Group’s proprietary
Security Affairs
An exposed database and secrets on a third-party app puts Clash of Clans players at risk of attacks from threat actors.
Latest Hacking News
Researchers have found numerous malware groups actively exploiting a Google Cookie vulnerability for session hijacking. The exploit not only allows access to the target account but also resists disruption by regenerating valid cookies for persistent
DarkReading
The exploit is one of many that government and intelligence agencies have to infect target devices with the notorious surveillance tool.
CyberNews
Media outlets are forced to suspend reporting in Russia after Vladimir Putin signed a so-called 'fake news' law that threatens journalists with up to 15 years in jail.
Security Affairs
CloudSEK researchers analyzed a zero-day exploit that can allow the generation of persistent Google cookies through token manipulation.
The Hacker News
Information-stealing malware is exploiting an undocumented Google OAuth endpoint called MultiLogin to hijack user sessions.
The Hacker News
A new malware loader called JinxLoader is being used by threat actors to deliver payloads such as Formbook and XLoader.
The Record
The Israel-based maker of Pegasus spyware reported hiring two lobbyists from the Washington-based law firm Steptoe & Johnson.
The Record
Reporters Without Borders (RSF) found spyware intrusions from 2021 on the phones of two journalists who are on trial for allegedly defaming a government minister.
The Hacker News
The threat actor UAC-0050 is using phishing attacks to distribute the Remcos RAT while employing new strategies to avoid detection.
CyberNews
Google is aware of recent reports of a malware family stealing session tokens and recommends turning on Enhanced Safe Browsing in Chrome.
The Hacker News
APT28, the Russian nation-state threat actor, is using lures related to the Israel-Hamas war to distribute the HeadLace backdoor.
The Hacker News
Russian journalist Galina Timchenko's iPhone hacked with NSO Group's Pegasus spyware
HACKRead
Among others, developers of the infamous Lumma, an infostealer malware, are already using the exploit by employing advanced tactics like token manipulation and encryption in targeted attacks.
Bleeping Computer
Russia has blocked access to the Facebook social network after Meta, Facebook's parent company, deactivated or restricted access to accounts belonging to pro-Kremlin media outlets and news agencies, including RIA Novosti, Sputnik, and Russia Today.
The Hacker News
New threat: BunnyLoader 3.0 malware variant emerges with advanced modules for data theft, keylogging, and evasion tactics.
Krebs on Security
In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. The leaked user database shows one of the forum's founders was an attorney who advised Russia's top hackers on the legal risks of their work, and what to do if…
The Record
DDoSecrets has distributed hacked and leaked data from more than 200 entities, including U.S. law enforcement agencies, fascist groups, shell companies, tax havens, and the far-right social media sites Gab and Parler.
SecurityWeek
The financially motivated UNC3944 group that hacked MGM has hit at least 100 organizations, mainly in the US and Canada.
Security Affairs
Researchers found a new variant of the BunnyLoader malware with a modular structure and new evasion capabilities.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
The Hacker News
UNC3944 threat actor now turns to ransomware attacks, targeting critical systems. Understand their tactics, and learn how to protect your organization
The Record
Apple also updated its support page, explaining how the threat notifications work and what targeted users should do if they receive one.
The Record
The delivery company CDEK attributed disruption to its services to a “massive technical failure” but a Russian government official confirmed it was caused by a cyberattack.
CSO
OAuth endpoint “MultiLogin” identified as root for Google Chrome’s widely adopted session jacking exploit.
The Record
As Russia prepares for its presidential election this week, its systems are reportedly being targeted by “massive” cyberattacks, according to local authorities.
The Hacker News
Chrome's new feature, DBSC (Device Bound Session Credentials), aims to safeguard users against cookie theft by malware.
The Record
Czech software giant JetBrains harshly criticized security company Rapid7 this week following a dispute over two recently-discovered vulnerabilities.
SecurityWeek
Noteworthy stories that might have slipped under the radar: China blames NSA for a cyberattack, AI jailbreaks, and Netography spin-off.
The Cyber Wire
Russia continues to accept high casualties as hopes in Moscow grow that Western support for Ukraine will fade.
DarkReading
Infostealers such as Lumma and Rhadamanthys have integrated the generation of persistent Google cookies through token manipulation
CyberScoop
The notorious Israeli spyware was used to target journalists often working in exile from their authoritarian home countries, report finds.