Infosecurity News
PDF Exploitation Targets Foxit Reader Users
CPR said exploit builders in .NET and Python have been employed to deploy this malware
The Hacker News
Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version
A newer version of the Hijack Loader malware has been observed with updated anti-analysis techniques to evade detection.
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
The weekly news summary keeps you up to date with what’s happening in cybersecurity, including developments, vulnerabilities, breaches, threats, and defensive strategies. Knowing about new cyber risks and attack vectors helps you put up safeguards and preventive measures as soon as possible to protect your systems. Remaining constantly aware gives you a holistic view of […]
The Record
Organizations patch CISA KEV list bugs 3.5 times faster than others, researchers find
Researchers at Bitsight asked whether organizations remediate software and hardware vulnerabilities faster if they're on the federal government's list. The resulting data added up to a resounding "yes."
DarkReading
Microsoft Patch Tuesday Tsunami: No Zero-Days, but an Asterisk
Microsoft patched a record number of 147 new CVEs this month, though only three are rated "Critical."
Infosecurity News
New JSOutProx Malware Targets Financial Firms in APAC, MENA
First found in 2019, JSOutProx combines JavaScript and .NET functionalities to infiltrate systems
.webp)
Cyber Security News
New Pikabot Campaign Weaponizes HTML, Javascript & Excel Files
McAfee Labs' findings reveal how Pikabot leverages a variety of file types, including HTML, Javascript, and Excel, to breach security defenses.
DarkReading
Ransomware, Junk Bank Accounts: Cyberthreats Proliferates in Vietnam
An economic success story in Asia, Vietnam is seeing more manufacturing and more business investment. But with that comes a significant uptick in cybercrime as well.
The Hacker News
Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors
TA558, the notorious threat actor, is back in action, hitting Spain, Mexico, U.S., and more with Venom RAT.
Security Affairs
Security Affairs newsletter Round 463 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Security Affairs
Recent DarkGate campaign exploited Microsoft Windows zero-day
Researchers recently uncovered a DarkGate campaign in mid-January 2024, which exploited Microsoft zero-day vulnerability
DarkReading
Windows SmartScreen Bypass Flaw Exploited to Drop DarkGate RAT
Attackers use Google redirects in their phishing attack leveraging a now-patched vulnerability that aims to spread the multifaceted malware.
The Hacker News
DarkGate Malware Exploits Recently Patched Microsoft Flaw in Zero-Day Attack
A new DarkGate malware campaign uses a recently patched #MicrosoftWindows flaw (CVE-2024-21412) to deploy malicious software via bogus installers.
Bleeping Computer
Hackers abuse Windows SmartScreen flaw to drop DarkGate malware
A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers.
Bleeping Computer
Hackers exploit Windows SmartScreen flaw to drop DarkGate malware
A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers.
Trend Micro
CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign
In addition to our Water Hydra APT zero day analysis, the Zero Day Initiative (ZDI) observed a DarkGate campaign which we discovered in mid-January 2024 where DarkGate operators exploited CVE-2024-21412.
Infosecurity News
TA4903 Phishing Campaigns Evolve, Targets US Government
Proofpoint said TA4903 adopted new tactics, including lure themes referencing confidential docs and ACH payments
HACKRead
Nepali Hacker Tops Hall of Fame by Reporting Facebook's Zero-Click Flaw
Samip Aryal, a Nepali bug bounty hunter, discovered a zero-click flaw in Facebook's password reset system, allowing actors to hack any account.
Bleeping Computer
Need to Know: Key Takeaways from the Latest Phishing Attacks
This article takes a look at some lessons from recent phishing attacks and highlights actionable tips to limit the risks of phishing affecting your company.
HACKRead
Linked Oculus Accounts Trigger Facebook and Instagram Suspension
Users are reporting a connection between suspensions and their linked Oculus accounts, indicating a potential security issue within the VR platform.
Cyber Security News
How to Analyse Crypto Malware in ANY.RUN Sandbox ?
ANY.RUN, an interactive malware sandbox, has published a comprehensive analysis of the growing threat that crypto-malware poses.
Infosecurity News
PDF Malware on the Rise, Used to Spread WikiLoader, Ursnif and DarkGat
Cybercriminals are increasingly using PDFs to deliver malware, with a 7% rise in threats detected in Q4 2023 compared to Q1, according to a HP Wolf Security report
The Hacker News
Malicious 'SNS Sender' Script Abuses AWS for Bulk Smishing Attacks
A malicious Python script allowing cybercriminals to launch SMS phishing attacks via AWS SNS
CyberNews
DarkGate gang using CAPTCHA to spread malware
Legal advertising tools are being leveraged by cybercriminals to conceal their illicit campaigns and track victims.
The Hacker News
Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days
Microsoft's latest Patch Tuesday tackles 73 vulnerabilities, including actively exploited zero-days.
Bleeping Computer
Bumblebee malware attacks are back after 4-month break
The Bumblebee malware has returned after a four-month vacation, targeting thousands of organizations in the United States in phishing campaigns.
Bleeping Computer
5 Steps to Improve Your Security Posture in Microsoft Teams
Microsoft Teams is susceptible to a growing number of cybersecurity threats as its massive user base is an attractive target for cybercriminals. Learn more from Adaptive Shield on how to increase your Microsoft Teams security posture.
The Hacker News
PikaBot Resurfaces with Streamlined Code and Deceptive Tactics
PikaBot malware undergoes a dramatic transformation, simplifying its code and communication methods
Trend Micro
CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day
The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.
The Hacker News
U.S. Offers $10 Million Bounty for Info Leading to Arrest of Hive Ransomware Leaders
U.S. Department of State is offering up to $10 million for information on Hive ransomware operators.
The Hacker News
New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw
Cybercriminals are targeting Mexican users with a new variant of the Mispadu banking malware, exploiting a patched Windows SmartScreen bypass flaw
HACKRead
AnyDesk Urges Password Change Amid Security Breach
AnyDesk, a remote desktop software maker, has reportedly become a victim of a cyberattack that compromised its production systems.
HACKRead
Microsoft Teams External Access Abuses to Spread DarkGate Malware
Microsoft Teams targeted for phishing and malware attacks. Learn how to protect your organization against these evolving cyber threats.
Bleeping Computer
Microsoft Teams phishing pushes DarkGate malware via group chats
New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims' systems.
Infosecurity News
Ransomware Incidents Hit Record High, But Law Enforcement Takedowns Sl
New data from Corvus found that ransomware incidents rose by 68% in 2023 compared to 2022, but law enforcement takedowns led to a fall in Q4
Security Affairs
Yearly Intel Trend Review: The 2023 RedSense report
The 2023 RedSense report covers long-term observations we have made regarding intel trends and interconnectivity.
The Hacker News
SystemBC Malware's C2 Server Analysis Exposes Payload Delivery Tricks
Cybersecurity experts reveal the inner workings of SystemBC's command-and-control (C2) server, a dangerous malware available on the dark web.
The Hacker News
Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware
TA866 is back with thousands of invoice-themed, booby-trapped emails targeting users with WasabiSeed and Screenshotter malware.
HACKRead
New Phishing Scam Hooks META Businesses with Trademark Threats
The phishing scam falsely asserts that the victim’s Facebook page will be permanently deleted due to a post allegedly infringing on trademark rights. However, there is no actual infringement; it’s all part of the scammer’s malicious plan.
Infosecurity News
Phemedrone Stealer Targets Windows Defender Flaw Despite Patch
The malware targets browsers, steals crypto wallet and messaging app data, and collects system information
HACKRead
British Cosmetics Retailer Lush Investigating Cyber Attack
Lush Retail Ltd., a popular British cosmetics retailer headquartered in Poole, Dorset, is investigating a cyber attack. Still, it is unclear whether it is a ransomware attack, a data breach, or a DDoS attack causing disruption.
DarkReading
Pikabot Malware Surfaces As Qakbot Replacement for Black Basta Attacks
An emerging threat actor, Water Curupira, is wielding a new, sophisticated loader in a series of thread-jacking phishing campaigns that precede ransomware.
The Hacker News
Alert: Water Curupira Hackers Actively Distributing PikaBot Loader Malware
Beware of Water Curupira! This threat actor is spreading PikaBot, more than a malware loader – it's a gateway to ransomware attacks.
Trend Micro
A Look Into Pikabot’s Spam Wave Campaign
Pikabot is a loader with similarities to Qakbot that was used in spam campaigns during most of 2023. Our blog entry provides a technical analysis of this malware.
Security Affairs
Security Affairs newsletter Round 453 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
The Hacker News
New JinxLoader Targeting Users with Formbook and XLoader Malware
A new malware loader called JinxLoader is being used by threat actors to deliver payloads such as Formbook and XLoader.
HACKRead
Microsoft Disables App Installer After Feature is Abused for Malware
Microsoft has disabled the App Installer feature to protect users and prevent threat actors from maliciously exploiting its products and features.
The Hacker News
Microsoft Disables MSIX App Installer Protocol Widely Used in Malware Attacks
Microsoft takes action against malware threat: disables ms-appinstaller protocol handler by default.
The Record
Microsoft disables app installation protocol abused by hackers
Microsoft said Thursday that it disabled a feature intended to streamline app installation after it discovered financially motivated hacking groups using it to distribute malware.
Cyber Security News
DarkGate Malware Delivered Via Weaponized Fake Browser Updates
Weaponized Fake Browser Updates and Emails Spread DarkGate Malware also known as BattleRoyal, permits the execution of further malware.
The Hacker News
Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware
A new phishing campaign is using Microsoft Word docs as bait to deliver Nim-based malware.
DarkReading
'BattleRoyal' Hackers Deliver DarkGate RAT Using Every Trick
The shadowy threat actor uses some nifty tricks to drop popular malware with targets that meet its specifications.
Infosecurity News
BattleRoyal Cluster Signals DarkGate Surge
Proofpoint said the cluster’s use of multiple attack chains highlights a new trend among cybercriminals
The Hacker News
Hackers Exploiting Old MS Excel Vulnerability to Spread Agent Tesla Malware
Beware of phishing emails with invoice-themed attachments! Attackers are using an old Office vulnerability (CVE-2017-11882) to spread the Agent Tesla
Cyber Security News
Hackers Abusing Search Engine Ads to Deliver DANABOT & DARKGATE Malwares
Threat actors are purchasing advertisements for malicious websites to lure victims into downloading malware, which can eventually lead to data theft and ransomware.
The Hacker News
New Malvertising Campaign Distributing PikaBot Disguised as Popular Software
PikaBot, a dangerous loader, is spreading via malvertising campaigns targeting users searching for legit software like AnyDesk
The Hacker News
Researchers Unveal GuLoader Malware's Latest Anti-Analysis Techniques
Threat hunters have discovered new tactics used by the GuLoader malware to evade analysis.
SecurityWeek
In Other News: National Laboratory Breach, Airplane GPS Attacks, Russia Accuses Allies of Hacking
Idaho National Laboratory breach, GPS attacks target airplanes, Russian accuses China and North Korea of hacking.
Bleeping Computer
DarkGate and Pikabot malware emerge as Qakbot’s successors
A sophisticated phishing campaign pushing the DarkGate malware infections has recently added the PikaBot malware into the mix, making it the most advanced phishing campaign since the Qakbot operation was dismantled.
Infosecurity News
DarkGate and PikaBot Activity Surge in the Wake of QakBot Takedown
DarkGate and PikaBot have been observed as part of phishing campaigns using the same tactics as the ones used by QakBot perpetrators
The Hacker News
DarkGate and PikaBot Malware Resurrect QakBot's Tactics in New Phishing Attacks
New high-volume phishing campaigns mimic tactics of defunct QakBot trojan, hijacking email threads and using unique URLs to deliver DarkGate & PikaBot
DarkReading
Ducktail Malware Targets the Fashion Industry
Threat actors distributed an archive containing images of new products by major clothing companies, along with a malicious executable disguised with a PDF icon.
The Hacker News
New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
Malicious sites posing as legit Windows news portals spotted distributing malware disguised as CPU-Z.
The Hacker News
New Jupyter Infostealer Version Emerges with Sophisticated Stealth Tactics
Jupyter Infostealer is back with stealthy changes. Cyber attackers use manipulated SEO tactics to trick users into downloading malware.
Cyber Security News
TA571 Hacker Group Deliver IcedID Malware Via Password-protected Zip Archive
cybersecurity researchers at Proofpoint discovered two malicious campaigns in which TA571 was found spreading the Forked IcedID variant
DarkReading
Ducktail Infostealer, DarkGate RAT Linked to Same Threat Actors
Vietnamese cybercrime groups are using multiple different MaaS infostealers and RATs to target the digital marketing sector.
The Hacker News
Vietnamese Hackers Target U.K., U.S., and India with DarkGate Malware
Attacks in the U.K., U.S., and India linked to Vietnamese hackers using DarkGate malware and Ducktail stealer.
Bleeping Computer
Fake Corsair job offers on LinkedIn push DarkGate malware
A threat actor is using fake LinkedIn posts and direct messages about a Facebook Ads specialist position at hardware maker Corsair to lure people into downloading info-stealing malware like DarkGate and RedLine.
Infosecurity News
DarkGate Malware Campaigns Linked to Vietnam-Based Cybercriminals
WithSecure has found strong indicators that DarkGate attacks are being perpetrated by attackers also using the Ducktail infostealer
Latest Hacking News
DarkGate Malware Becomes Active, Spreads Via Skype Accounts
The notorious DarkGate malware has become active again, as it now spreads via compromised Skype accounts. Researchers warn users to remain cautious while interacting with unknown accounts. DarkGate Malware Spreads Via Compromised Skype Accounts According to a
-1.webp)
Cyber Security News
Hackers Abusing Skype and Teams to Deliver the DarkGate Malware
o spread the DarkGate malware to the targeted businesses, hackers utilized the Teams and Skype messaging platforms.
Bleeping Computer
DarkGate malware spreads through compromised Skype accounts
Between July and September, DarkGate malware attacks have used compromised Skype accounts to infect targets through messages containing VBA loader script attachments.
The Hacker News
DarkGate Malware Spreading via Messaging Services Posing as PDF Files
DarkGate malware is now spreading through instant messaging apps like Skype & Microsoft Teams.
DarkReading
DarkGate Operator Uses Skype, Teams Messages to Distribute Malware
A plurality of the targets in the ongoing campaign have been based in the Americas.
Trend Micro
DarkGate Opens Organizations for Attack via Skype, Teams
We detail an ongoing campaign abusing messaging platforms Skype and Teams to distribute the DarkGate malware to targeted organizations. We also discovered that once DarkGate is installed on the victim’s system, additional payloads were introduced to the environment.
Bleeping Computer
Microsoft to kill off VBScript in Windows to block malware delivery
Microsoft is planning to phase out VBScript in future Windows releases after 30 years of use, making it an on-demand feature until it is removed.
Bleeping Computer
Microsoft Teams phishing attack pushes DarkGate malware
A new phishing campaign is abusing Microsoft Teams messages to send malicious attachments that install the DarkGate Loader malware.
The Hacker News
Mac Users Beware: Malvertising Campaign Spreads Atomic Stealer macOS Malware
Beware of the latest macOS threat! A new malvertising campaign is actively spreading Atomic Stealer malware, targeting gamers and crypto users.
Cyber Security News
Threat and Vulnerability Roundup for the week of August 27th to September 2nd
The latest attack techniques, significant weaknesses, and exploits have all been highlighted. We also provide the most latest software upgrades available to keep your devices secure.
The Hacker News
DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates
New malspam campaign uses DarkGate malware to steal data, mine cryptocurrency, and evade detection.