113 matches found
New MortalKombat Ransomware Attack Aiming for Crypto Wallets
By Habiba Rashid Hackers are deploying the MortalKombat ransomware and Laplas Clipper malware in a financially motivated campaign against victims worldwide. This is a post from HackRead.com Read the original post: New MortalKombat Ransomware Attack Aiming for Crypto Wallets...
Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware
A new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas. Cisco Talos said it "observed the actor scanning the internet for victim machines wi...
Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware
A new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas. Cisco Talos said it "observed the actor scanning the internet for victim machines wi...
Emerging MortalKombat Ransomware and Laplas Clipper Malware Targeting Cryptocurrency
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary An unidentified actor using the MortalKombat ransomware and a GO variant of the Laplas Clipper malware to steal cryptocurrency from victims. This campaign aims to steal or demand ransom payments in...
New MortalKombat ransomware and Laplas Clipper malware threats deployed in financially motivated campaign
Since December 2022, Cisco Talos has been observing an unidentified actor deploying two relatively new threats, the recently discovered MortalKombat ransomware and a GO variant of the Laplas Clipper malware, to steal cryptocurrency from victims. Talos observed the actor scanning the internet for...
Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!
Malicious actors have published more than 451 unique Python packages on the official Python Package Index PyPI repository in an attempt to infect developer systems with clipper malware. Software supply chain security company Phylum, which spotted the libraries, said the ongoing activity is a...
Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!
Malicious actors have published more than 451 unique Python packages on the official Python Package Index PyPI repository in an attempt to infect developer systems with clipper malware. Software supply chain security company Phylum, which spotted the libraries, said the ongoing activity is a...
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Radio Steam Disclosure
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x Unauthenticated Radio Stream Disclosure Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco...
Evernote Web Clipper Same-Origin Policy Bypass Vulnerability
Evernote Web Clipper suffered from a same-origin policy bypass vulnerability. The link to the demo exploit was a 403 at the time of addition and has not been included in this post. Evernote: extension allows cross-origin iframe communication I happened to notice that the Evernote Web Clipper...
New Laplas Clipper Malware Targeting Cryptocurrency Users via SmokeLoader
Cryptocurrency users are being targeted with a new clipper malware strain dubbed Laplas by means of another malware known as SmokeLoader. SmokeLoader, which is delivered by means of weaponized documents sent through spear-phishing emails, further acts as a conduit for other commodity trojans like...
Doenerium - Fully Undetected Grabber (Grabs Wallets, Passwords, Cookies, Modifies Discord Client Etc.)
Fully Undetected Grabber Grabs Wallets, Passwords, Cookies, Modifies Discord Client Etc. Features Stealer Discord Token Discord Info - Username, Phone number, Email, Billing, Nitro Status & Backup Codes Discord Friends with rare badges Grabs crypto wallets Zcash Armory Bytecoin Jaxx Exodus Ethere...
Hackers Distributing Password Cracking Tool for PLCs and HMIs to Target Industrial Systems
Industrial engineers and operators are the target of a new campaign that leverages password cracking software to seize control of Programmable Logic Controllers PLCs and co-opt the machines to a botnet. The software "exploited a vulnerability in the firmware which allowed it to retrieve the...
doc2dash (=1.2.0), document-clipper (>=0.9.0 <=0.13.6) +1 more potentially affected by CVE-2014-3146 via lxml (>=3.2.3 <=3.3.2)
lxml PYPI version =3.2.3, =0.9.0, =0.13.6 - rymtracks =0.1.2 Source cves: CVE-2014-3146 Source advisory: OSV:GHSA-57QW-CC2G-PV5P...
Experts Detail Saintstealer and Prynt Stealer Info-Stealing Malware Families
Cybersecurity researchers have dissected the inner workings of an information-stealing malware called Saintstealer that's designed to siphon credentials and system information. "After execution, the stealer extracts username, passwords, credit card details, etc.," Cyble researchers said in an...
clipper-retail.com Cross Site Scripting vulnerability OBB-2147341
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
CVE-2021-28134
Clipper before 1.0.5 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal API...
CVE-2021-28134
Clipper before 1.0.5 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal API...
CVE-2021-28134
Clipper before 1.0.5 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal API...
CVE-2021-28134
CVE-2021-28134 (Clipper) affects Clipper prior to 1.0.5. The vulnerability arises from an exposed vulnerable ipcRenderer IPC interface that can invoke the dangerous openExternal API, enabling remote command execution. Affected software: Clipper ≤ 1.0.4. Root cause: IPC message handling to openExt...
Akash Rajpurohit clipper 安全漏洞
Akash Rajpurohit clipper is an open source application Akash Rajpurohit. It provides the ability to save a history of all the information copied and use them at any time. A security vulnerability exists in Clipper before 1.0.5 that allows remote command execution. A remote attacker can exploit th...