cyber security news today

10 Aug

North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS

admin0 CommentsWorld, , , , , , , , , , , , , , ,
Jul 31, 2024Ravie LakshmananMalware / Software Development The threat actors behind an ongoing malware campaign targeting software developers have demonstrated new malware and tactics, expanding their focus to include Windows, Linux, and macOS systems. The activity cluster, dubbed DEV#POPPER and linked to North Korea, has been found to have singled out victims across South Korea, North America, Europe, and the Middle East. "This form of attack is an advanced form of social engineering, designed to manipulate individuals into divulging confidential information or performing actions that they might normally not," Securonix researchers Den Iuzvyk and Tim Peck said in a new…
Read More
09 Aug

Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova

admin0 CommentsWorld, , , , , , , , , , , , , , ,
Jul 31, 2024Ravie LakshmananCyber Espionage / Threat Intelligence Companies in Russia and Moldova have been the target of a phishing campaign orchestrated by a little-known cyber espionage group known as XDSpy. The findings come from cybersecurity firm F.A.C.C.T., which said the infection chains lead to the deployment of a malware called DSDownloader. The activity was observed this month, it added. XDSpy is a threat actor of indeterminate origin that was first uncovered by the Belarusian Computer Emergency Response Team, CERT.BY, in February 2020. A subsequent analysis by ESET attributed the group to information-stealing attacks aimed at government agencies in Eastern…
Read More
08 Aug

OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script

admin0 CommentsWorld, , , , , , , , , , , , , , ,
Jul 30, 2024Ravie LakshmananMalware / Email Security Cybersecurity researchers are warning about a new phishing campaign that targets Microsoft OneDrive users with the aim of executing a malicious PowerShell script. "This campaign heavily relies on social engineering tactics to deceive users into executing a PowerShell script, thereby compromising their systems," Trellix security researcher Rafael Pena said in a Monday analysis. The cybersecurity company is tracking the "crafty" phishing and downloader campaign under the name OneDrive Pastejacking. The attack unfolds via an email containing an HTML file that, when opened, displays an image simulating an OneDrive page and includes the error…
Read More
07 Aug

Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails

admin0 CommentsWorld, , , , , , , , , , , , , , ,
An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint's defenses to send millions of messages spoofing various popular companies like Best Buy, IBM, Nike, and Walt Disney, among others. "These emails echoed from official Proofpoint email relays with authenticated SPF and DKIM signatures, thus bypassing major security protections — all to deceive recipients and steal funds and credit card details," Guardio Labs researcher Nati Tal said in a detailed report shared with The Hacker News. The cybersecurity company has given the campaign the name EchoSpoofing. The…
Read More
07 Aug

‘Stargazer Goblin’ Creates 3,000 Fake GitHub Accounts for Malware Spread

admin0 CommentsTrending News, , , , , , , , , , , , , , ,
A threat actor known as Stargazer Goblin has set up a network of inauthentic GitHub accounts to fuel a Distribution-as-a-Service (DaaS) that propagates a variety of information-stealing malware and netting them $100,000 in illicit profits over the past year. The network, which comprises over 3,000 accounts on the cloud-based code hosting platform, spans thousands of repositories that are used to share malicious links or malware, per Check Point, which has dubbed it "Stargazers Ghost Network." Some of the malware families propagated using this method include Atlantida Stealer, Rhadamanthys, RisePro, Lumma Stealer, and RedLine, with the bogus accounts also engaged in…
Read More
06 Aug

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

admin0 CommentsTrending News, , , , , , , , , , , , , , ,
Jul 26, 2024Ravie Lakshmanan Cybersecurity researchers are sounding the alarm over an ongoing campaign that's leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security firm Wiz is tracking the activity under the name SeleniumGreed. The campaign, which is targeting older versions of Selenium (3.141.59 and prior), is believed to be underway since at least April 2023. "Unbeknownst to most users, Selenium WebDriver API enables full interaction with the machine itself, including reading and downloading files, and running remote commands," Wiz researchers Avigayil Mechtinger, Gili Tikochinski, and Dor Laska said. "By default, authentication is not enabled for this service.…
Read More
05 Aug

What Enterprises MUST Know about Enterprise Browser Security

admin0 CommentsTrending News, , , , , , , , , , , , , , ,
Jul 25, 2024The Hacker NewsBrowser Security / Enterprise Security The browser is the nerve center of the modern workspace. Ironically, however, the browser is also one of the least protected threat surfaces of the modern enterprise. Traditional security tools provide little protection against browser-based threats, leaving organizations exposed. Modern cybersecurity requires a new approach based on the protection of the browser itself, which offers both security and frictionless deployment. In an upcoming live webinar (Register here), Or Eshed, CEO of browser security company LayerX, and Christopher Smedberg, Director of Cybersecurity at Advance Publishing, will discuss the challenges facing modern enterprise…
Read More
03 Aug

New Chrome Feature Scans Password-Protected Files for Malicious Content

admin0 CommentsTrending News, , , , , , , , , , , , , , ,
Jul 25, 2024Ravie LakshmananBrowser Security / Data Protection Google said it's adding new security warnings when downloading potentially suspicious and malicious files via its Chrome web browser. "We have replaced our previous warning messages with more detailed ones that convey more nuance about the nature of the danger and can help users make more informed decisions," Jasika Bawa, Lily Chen, and Daniel Rubery from the Chrome Security team said. To that end, the search giant is introducing a two-tier download warning taxonomy based on verdicts provided by Google Safe Browsing: Suspicious files and Dangerous files. Each category comes with its…
Read More
02 Aug

Telegram App Flaw Exploited to Spread Malware Hidden in Videos

admin0 CommentsTrending News, , , , , , , , , , , , , , ,
A zero-day security flaw in Telegram's mobile app for Android called EvilVideo made it possible for attackers to malicious files disguised as harmless-looking videos. The exploit appeared for sale for an unknown price in an underground forum on June 6, 2024, ESET said. Following responsible disclosure on June 26, the issue was addressed by Telegram in version 10.14.5 released on July 11. "Attackers could share malicious Android payloads via Telegram channels, groups, and chat, and make them appear as multimedia files," security researcher Lukáš Štefanko said in a report. It's believed that the payload is concocted using Telegram's application programming…
Read More
No widgets found. Go to Widget page and add the widget in Offcanvas Sidebar Widget Area.
On isro gaganyaan mission : master plan to send indians to space. Navigating the electoral seas : assessing the impact of the maldives india dispute on election outcomes. Uber and lyft threaten to pull out of minneapolis after city council vote.