Archive for the ‘cybercrime/malcode’ category: Page 6

Nov 9, 2024

U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing

Posted by in categories: cybercrime/malcode, government

U.S. government updates Traffic Light Protocol guidance to enhance cybersecurity information sharing and collaboration.

Nov 9, 2024

New tool bypasses Google Chrome’s new cookie encryption system

Posted by in categories: cybercrime/malcode, encryption

A researcher has released a tool to bypass Google’s new App-Bound encryption cookie-theft defenses and extract saved credentials from the Chrome web browser.

The tool, named ‘Chrome-App-Bound-Encryption-Decryption,’ was released by cybersecurity researcher Alexander Hagenah after he noticed that others were already figuring out similar bypasses.

Although the tool achieves what multiple infostealer operations have already added to their malware, its public availability raises the risk for Chrome users who continue to store sensitive data in their browsers.

Nov 9, 2024

Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft

Posted by in category: cybercrime/malcode

Chinese botnet Storm-0940 exploits routers, targets Microsoft users with covert password spray attacks.

Nov 9, 2024

New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites

Posted by in category: cybercrime/malcode

Discover how the new Xiū gǒu phishing kit threatens users in multiple countries since September 2024.

Nov 9, 2024

DDoS site Dstat.cc seized and two suspects arrested in Germany

Posted by in categories: cybercrime/malcode, economics, energy, law enforcement

The Dstat.cc DDoS review platform has been seized by law enforcement, and two suspects have been arrested after the service helped fuel distributed denial-of-service attacks for years.

The seizure and arrests were conducted as part of “Operation PowerOFF,” an ongoing international law enforcement operation that targets DDoS-for-hire platforms, aka “booters” or “stressers,” to seize infrastructure and arrest the operators.

These platforms are responsible for disruptions to online services and can cause significant economic damage, as well as affect the operation of critical services, such as healthcare.

Nov 9, 2024

New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus

Posted by in category: cybercrime/malcode

New CRON#TRAP malware installs a Linux VM backdoor on Windows, evading antivirus, and allowing hidden control over compromised systems.

Nov 9, 2024

Nokia says hackers leaked third-party app source code

Posted by in category: cybercrime/malcode

Nokia’s investigation of recent claims of a data breach found that the source code leaked on a hacker forum belongs to a third party, and that company and customer data have not been impacted.

The statement comes in response to threat actor IntelBroker earlier this week releasing data belonging to Nokia, allegedly stolen after breaching a third-party vendor’s server.

The hacker tried to sell the data, claiming that it includes SSH keys, source code, RSA keys, BitBucket logins, SMTP accounts, webhooks, and hardcoded credentials, but they decided to leak it after Nokia denied the breach.

Nov 9, 2024

Windows infected with backdoored Linux VMs in new phishing attacks

Posted by in category: cybercrime/malcode

A new phishing campaign dubbed ‘CRON#TRAP’ infects Windows with a Linux virtual machine that contains a built-in backdoor to give stealthy access to corporate networks.

Using virtual machines to conduct attacks is nothing new, with ransomware gangs and cryptominers using them to stealthily perform malicious activity. However, threat actors commonly install these manually after they breach a network.

A new campaign spotted by Securonix researchers is instead using phishing emails to perform unattended installs of Linux virtual machines to breach and gain persistence on corporate networks.

Nov 8, 2024

Tennr Raises $37 Million In Series B Round To Hack Healthcare

Posted by in categories: biotech/medical, cybercrime/malcode, robotics/AI

Healthcare start-up Tennr reports a $37 million Series B fundraising round – nine months after raising an $18 million Series A funding round. The young company plans to use machine learning to improve patient record keeping, prevent medical error and reduce waiting times for patients. The Series B round was led by Lightspeed Ventures, together with existing investors Andreessen Horowitz and Foundation Capital, and brings the total amount raised by the company to $61 million.

Several US healthcare providers have already begun working with the firm, both private doctors’ practices and major clinics and hospitals. These providers receive referrals from primary care providers in different formats to register patients and document their case history. Since providers often compete with each other for patients, there is no standard format used in the industry nationwide, with many companies relying on handwritten documents, messages from private email accounts, and some even using such outdated technology as fax machines. This causes significant delays in the provision of treatment, and increases the likelihood that patients will be misdiagnosed, referred to the wrong clinic or denied access to a specialist whose expertise they require.

Tennr has made it its mission to solve these problems by automating this process: it extracts the relevant information from referrals, no matter what form they’re received in or what technology was used to generate the documents, which not only enables more rapid response times but also creates an unprecedented level of standardization in the medical field, nationally and in the future perhaps globally as well. The company has already processed tens of millions of referrals for patients in the USA, ensuring an appointment with a specialist in a few hours, instead of having to wait several weeks and at times months.

Nov 1, 2024

Over a thousand online shops hacked to show fake product listings

Posted by in category: cybercrime/malcode

A phishing campaign dubbed ‘Phish n’ Ships’ has been underway since at least 2019, infecting over a thousand legitimate online stores to promote fake product listings for hard-to-find items.

Unsuspecting users clicking on those products are redirected to a network of hundreds of fake web stores that steal their personal details and money without shipping anything.

According to HUMAN’s Satori Threat Intelligence team that discovered Phish n’ Ships, the campaign has impacted hundreds of thousands of consumers, causing estimated losses of tens of millions of dollars.
