Lucene search
K

323 matches found

The Hacker News
The Hacker News
added 2022/12/06 4:8 p.m.24 views

Chinese Hackers Target Middle East Telecoms in Latest Cyber Attacks

A malicious campaign targeting the Middle East is likely linked to BackdoorDiplomacy, an advanced persistent threat APT group with ties to China. The espionage activity, directed against a telecom company in the region, is said to have commenced on August 19, 2021 through the successful...

1.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/11/17 5:56 a.m.42 views

North Korean Hackers Targeting Europe and Latin America with Updated DTrack Backdoor

Hackers tied to the North Korean government have been observed using an updated version of a backdoor known as Dtrack targeting a wide range of industries in Germany, Brazil, India, Italy, Mexico, Switzerland, Saudi Arabia, Turkey, and the U.S. "Dtrack allows criminals to upload, download, start ...

1.4AI score
Exploits0
The Hacker News
The Hacker News
added 2022/11/09 11:1 a.m.346 views

Experts Warn of Browser Extensions Spying On Users via Cloud9 Chrome Botnet Network

The Keksec threat actor has been linked to a previously undocumented malware strain, which has been observed in the wild masquerading as an extension for Chromium-based web browsers to enslave compromised machines into a botnet. Called Cloud9 by security firm Zimperium, the malicious browser add-...

10CVSS1.3AI score0.94996EPSS
Exploits70
Kitploit
Kitploit
added 2022/10/09 11:30 a.m.88 views

EvilnoVNC - Ready To Go Phishing Platform

EvilnoVNC is a Ready to go Phishing Platform. Unlike other phishing techniques, EvilnoVNC allows 2FA bypassing by using a real browser over a noVNC connection. In addition, this tool allows us to see in real time all of the victim's actions, access to their downloaded files and the entire browser...

7.3AI score
Exploits0References1
Malwarebytes
Malwarebytes
added 2022/09/21 12:0 p.m.18 views

Tax refund phish logs keystrokes to swipe personal details

Theres been some smart phishing campaigns running over the last few weeks, and this one is particularly sneaky. Bleeping Computer reports that a phishing page is targeting Greek taxpayers with a tax refund scam. The added sting in the tail comes in the form of an embedded keylogger which grabs...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/14 8:51 a.m.25 views

Researchers Detail OriginLogger RAT — Successor to Agent Tesla Malware

Palo Alto Networks Unit 42 has detailed the inner workings of a malware called OriginLogger, which has been touted as a successor to the widely used information stealer and remote access trojan RAT known as Agent Tesla. A .NET based keylogger and remote access, Agent Tesla has had a long-standing...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/05 10:0 a.m.27 views

A week in security (August 29 - September 4)

Last week on Malwarebytes Labs: Twilio data breach turns out to be more elaborate than suspected Playing Doom on a John Deere tractor with Sick Codes: Lock and Code S03E18 Chromium browsers can write to the system clipboard without your permission British Airways customers targeted in lost luggag...

0.4AI score
Exploits0
HackRead
HackRead
added 2022/09/01 3:51 p.m.21 views

Snake Keylogger Returns with New Malspam Campaign Targeting IT Firms

By Waqas The IP addresses used in the attack originated from Vietnam, while the campaign’s primary targets were located in the USA. This is a post from HackRead.com Read the original post: Snake Keylogger Returns with New Malspam Campaign Targeting IT Firms...

1.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/01 11:0 a.m.20 views

What is a keylogger?

A blog post published earlier this year posed the question "Is Grammarly a keylogger?" I have personally had people reference that post and ask me to add detection of Grammarly to Malwarebytes. The answer has always been, "no." Whether or not you like what Grammarly does, Grammarly is not a...

8AI score
Exploits0
ThreatPost
ThreatPost
added 2022/08/30 4:0 p.m.65 views

Watering Hole Attacks Push ScanBox Keylogger

A China-based threat actor has ramped up efforts to distribute the ScanBox reconnaissance framework to victims that include domestic Australian organizations and offshore energy firms in the South China Sea. The bait used by the advanced threat group APT is targeted messages that supposedly link...

7.3AI score
Exploits0References8
The Hacker News
The Hacker News
added 2022/08/22 12:32 p.m.35 views

Meet Borat RAT, a New Unique Triple Threat

Atlanta-based cyber risk intelligence company, Cyble discovered a new Remote Access Trojan RAT malware. What makes this particular RAT malware distinct enough to be named after the comic creation of Sacha Baron Cohen? RAT malware typically helps cybercriminals gain complete control of a victim's...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/19 12:0 p.m.20 views

Spying on the spies. See what JavaScript commands get injected by in-app browsers

Developer and privacy expert Felix Krause aka KrauseFx announced this week that he had introduced a simple tool to list the JavaScript commands executed by iOS apps when they deployed an in-app web browser to render webpages. He already shared some eye-opening results on his Twitter feed. By...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/08/01 12:0 a.m.404 views

Backdoor.Win32.Destrukor.20 MVID-2022-0627 Remote Command Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Destrukor.20 Vulnerability: Unauthenticated Remote Command Execution...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2022/07/12 12:30 p.m.22 views

WebView2-Cookie-Stealer - Attacking With WebView2 Applications

Please read this blog post to get more information. Source Code This code is a modified version of Microsoft's WebView2 Code. The current code can be cleaned up and made much better. Demo Launch Example Usage Example Usage Tested onWindows 10 & 11. When the binary is executed...

6.8AI score
Exploits0References2
The Hacker News
The Hacker News
added 2022/06/28 7:56 a.m.51 views

New Android Banking Trojan 'Revive' Targeting Users of Spanish Financial Services

A previously unknown Android banking trojan has been discovered in the wild, targeting users of the Spanish financial services company BBVA. Said to be in its early stages of development, the malware — dubbed Revive by Italian cybersecurity firm Cleafy — was first observed on June 15, 2022 and...

1.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/06/14 8:2 a.m.23 views

Researchers Detail PureCrypter Loader Cyber Criminals Using to Distribute Malware

Cybersecurity researchers have detailed the workings of a fully-featured malware loader dubbed PureCrypter that's being purchased by cyber criminals to deliver remote access trojans RATs and information stealers. "The loader is a .NET executable obfuscated with SmartAssembly and makes use of...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2022/05/23 12:7 p.m.312 views

Snake Keylogger Spreads Through Malicious PDFs

While most malicious e-mail campaigns use Word documents to hide and spread malware, a recently discovered campaign uses a malicious PDF file and a 22-year-old Office bug to propagate the Snake Keylogger malware, researchers have found. The campaign—discovered by researchers at HP Wolf...

9.3CVSS8.6AI score0.99945EPSS
Exploits33References4
Gitee
Gitee
added 2022/04/24 4:27 p.m.5 views

pikachu

It is an offensive tool for web application security training. The primary CVE ID is not explicitly stated, but the tool is designed to demonstrate various web application vulnerabilities, including but not limited to: Burt Force brute force, XSS cross-site scripting, CSRF cross-site request...

6.4AI score
Exploits0
ThreatPost
ThreatPost
added 2022/04/05 1:30 p.m.187 views

No-Joke Borat RAT Propagates Ransomware, DDoS

Attackers are using a newly released remote access trojan RAT to spread ransomware and distributed denial of service DDoS — in addition to the traditional RAT function of backdooring victims’ systems. Researchers at Cyble Research Labs discovered the RAT, which they dubbed Borat RAT because it us...

8.8AI score
Exploits0References7
Malwarebytes
Malwarebytes
added 2022/03/17 2:9 p.m.20 views

Gh0stCringe RAT makes database servers squeal for protection

Researchers have found that the Gh0stCringe RAT is infecting Microsoft SQL and MySQL, and seems to focus on servers with weak protection. The Gh0stCringe RAT communicates with a command and control C&C server to receive instructions and is capable of exfiltrating information. SQL SQL is short for...

0.3AI score
Exploits0
Rows per page
Query Builder