Archive for the ‘cybercrime/malcode’ category: Page 87

May 22, 2022

PDF smuggles Microsoft Word doc to drop Snake Keylogger malware

Posted by in category: cybercrime/malcode

Threat analysts have discovered a recent malware distribution campaign using PDF attachments to smuggle malicious Word documents that infect users with malware.

The choice of PDFs is unusual, as most malicious emails today arrive with DOCX or XLS attachments laced with malware-loading macro code.

However, as people become more educated about opening malicious Microsoft Office attachments, threat actors switch to other methods to deploy malicious macros and evade detection.

May 22, 2022

Elon Musk deep fakes promote new cryptocurrency scam

Posted by in categories: cryptocurrencies, cybercrime/malcode, Elon Musk

Cryptocurrency scammers are using deep fake videos of Elon Musk and other prominent cryptocurrency advocates to promote a BitVex trading platform scam that steals deposited currency.

This fake BitVex cryptocurrency trading platform claims to be owned by Elon Musk, who created the site to allow everyone to earn up to 30% returns on their crypto deposits.

This scam campaign started earlier this month with threat actors creating or hacking existing YouTube accounts to host deep fake videos of Elon Musk, Cathie Wood, Brad Garlinghouse, Michael Saylor, and Charles Hoskinson.

May 18, 2022

More than 200 apps on Play Store with millions of downloads are stealing users’ passwords and sensitive information

Posted by in categories: cybercrime/malcode, finance, mobile phones

Researchers at Trend Micro identified a set of mobile apps available on the Google Play Store performing malicious tasks in the background, including stealing user credentials and banking details from Android users. Some of these apps have nearly 100,000 downloads, so the scope of the problem is considerable.

In total, the analysis revealed the detection of 200 malicious applications that hide code from dangerous malware variants, capable of putting users of the affected devices in serious trouble.

May 18, 2022

Researchers Expose Inner Workings of Billion-Dollar Wizard Spider Cybercrime Gang

Posted by in category: cybercrime/malcode

Researchers reveal the inner workings of a cybercriminal group known as the Wizard Spider.


Microsoft warns of a new malicious campaign targeting SQL Servers that involves use of a built-in PowerShell utility (sqlps.exe).

May 18, 2022

Microsoft Warns of “Cryware” Info-Stealing Malware Targeting Crypto Wallets

Posted by in categories: cryptocurrencies, cybercrime/malcode, internet

Microsoft warns of “cryware” malware that steals information and exfiltrates data directly from non-custodial cryptocurrency wallets.

Microsoft is warning of an emerging threat targeting internet-connected cryptocurrency wallets, signaling a departure in the use of digital coins in cyberattacks.

The tech giant dubbed the new threat “cryware,” with the attacks resulting in the irreversible theft of virtual currencies by means of fraudulent transfers to an adversary-controlled wallet.

May 18, 2022

Teslas are susceptible to hacking due to bluetooth locks, cybersecurity firm says

Posted by in categories: cybercrime/malcode, mobile phones, transportation

Teslas are among the most susceptible vehicles to be hacked due to their Bluetooth locks, cybersecurity firm NCC Group said. The cars can be remotely unlocked and controlled by hackers that can exploit a vulnerability in the Bluetooth system’s security, the group said.

NCC Group researcher Sultan Qasim Khan was shown in a video opening, then driving a Tesla using a small relay device attached to a laptop. The device bridged a large gap between the Tesla and the Tesla owner’s phone, Reuters said.

“This proves that any product relying on a trusted BLE connection is vulnerable to attacks even from the other side of the world,” NCC said in a statement. BLE means Bluetooth Low Energy, and is a technology utilized in vehicles and Bluetooth locks that will automatically unlock or unlatch when an authorized device is nearby. While it is a convenience feature, it is not immune to attacks, which was the point of NCC’s experiment.

May 17, 2022

NIST updates guidance for defending against supply-chain attacks

Posted by in category: cybercrime/malcode

The National Institute of Standards and Technology (NIST) has released updated guidance on securing the supply chain against cyberattacks.

Since 2020, NIST has released two draft documents on how the enterprise can better defend itself from supply-chain attacks.

Today, in response to Executive Order 14028: Improving the Nation’s Cybersecurity, NIST has published ‘Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations’ to provide guidance on identifying and responding to supply chain cybersecurity risks.

May 17, 2022

Almost 2 million Texans affected by Texas Department of Insurance data breach

Posted by in category: cybercrime/malcode

(Texas Tribune/KXAN) — A massive security breach at the Texas Department of Insurance leaked the personal information of almost 2 million Texans for nearly three years, according to a state audit released last week.

The department said the personal information of 1.8 million workers who have filed compensation claims — including Social Security numbers, addresses, dates of birth, phone numbers and information about workers’ injuries — was accessible online to members of the public from March 2019 to January 2022.

Though personal information was compromised, the agency now says there’s no reason to believe the data was used.

May 16, 2022

CISA warns not to install May Windows updates on domain controllers

Posted by in category: cybercrime/malcode

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has removed a Windows security flaw from its catalog of known exploited vulnerabilities due to Active Directory (AD) authentication issues caused by the May 2022 updates that patch it.

This security bug is an actively exploited Windows LSA spoofing zero-day tracked as CVE-2022-26925, confirmed as a new PetitPotam Windows NTLM Relay attack vector.

Unauthenticated attackers abuse CVE-2022-26925 to force domain controllers to authenticate them remotely via the Windows NT LAN Manager (NTLM) security protocol and, likely, gain control over the entire Windows domain.

May 16, 2022

Eavesdroppers can hack 6G frequency with DIY metasurface

Posted by in categories: cybercrime/malcode, engineering, internet

Crafty hackers can make a tool to eavesdrop on some 6G wireless signals in as little as five minutes using office paper, an inkjet printer, a metallic foil transfer and a laminator.

The wireless security hack was discovered by engineering researchers from Rice University and Brown University, who will present their findings and demonstrate the attack this week in San Antonio at ACM WiSec 2022, the Association for Computing Machinery’s annual conference on security and privacy in wireless and mobile networks.

“Awareness of a future threat is the first step to counter that threat,” said study co-author Edward Knightly, Rice’s Sheafor-Lindsay Professor of Electrical and Computer Engineering. “The frequencies that are vulnerable to this attack aren’t in use yet, but they are coming and we need to be prepared.”