22 matches found
North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign
Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming language, underscoring a constant evolution of their tactics. "Unusually for macOS malware, the threat actors employ a process injection...
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. "The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection...
AI-Powered Social Engineering: Ancillary Tools and Techniques
Social engineering is advancing fast, at the speed of generative AI. This is offering bad actors multiple new tools and techniques for researching, scoping, and exploiting organizations. In a recent communication, the FBI pointed out: 'As technology continues to evolve, so do cybercriminals'...
Black Basta Ransomware Uses MS Teams, Email Bombing to Spread Malware
The Black Basta ransomware group is using advanced social engineering tactics and a multi-stage infection process to target organizations...
Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks
The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group's playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023. "The campaign distributed the...
Cyber Signals: Inside the growing risk of gift card fraud
In the ever-evolving landscape of cyberthreats, staying ahead of malicious actors is a constant challenge. Microsoft Threat Intelligence has observed that gift cards are attractive targets for fraud and social engineering practices. Unlike credit or debit cards, there’s no customer name or bank...
CVE-2023-48199
HTML Injection vulnerability in the 'manageApiKeys' component in Grocy = 4.0.3 allows attackers to inject arbitrary HTML content without script execution. This occurs when user-supplied data is not appropriately sanitized, enabling the injection of HTML tags through parameter values. The attacker...
MAL-2023-1550 Malicious code in btc-api-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx f59f6e40fe31bd4d5d4aa5da8bc0d032e2bbff9166104dc707c2987f953a5d93 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...
MAL-2023-314 Malicious code in eth-api-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx ae0229b0b9b6f52ad99cbadf592c4cd4a35c6b90764717a8d37ce843df055398 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...
Malicious code in sync-http-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 666c54b1098d52ea02eebf562d8cf02c1a736ee608eb15029543afd5181e4094 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...
MAL-2023-107 Malicious code in assets-graph (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx e513e7556846ca62fa4d27646eef928d55f2c2954ce9caa51dd63643e2adf445 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...
MAL-2023-1554 Malicious code in ipstringfy (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx deea2822e14722106952d830748fc4b8c86f7613827ea90caaeb796f9a9eb9f4 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...
MAL-2023-975 Malicious code in xml2yaml (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx ede33f285ce592232ffffd5ea89eb8505d88e0d520640d52c721560d06d02f69 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...
Hackers Stealing Browser Cookies to Hijack High-Profile YouTube Accounts
Since at least late 2019, a network of hackers-for-hire have been hijacking the channels of YouTube creators, luring them with bogus collaboration opportunities to broadcast cryptocurrency scams or sell the accounts to the highest bidder. That's according to a new report published by Google's...
Mysterious database exposed personal information of 80 million US households
Word has broken of yet another massive data trove exposed for anyone to see. A research team from vpnMentor discovered an exposed 24GB database hosted on a Microsoft cloud server containing the addresses, income levels, and marital statuses of users within 80 million US households. As we’ve seen...
RSA Conference 2019: BEC Scammer Gang Takes Aim at Boy Scouts, Other Nonprofts
SAN FRANCISCO – A Nigeria-based scammer gang dubbed “Scarlet Widow” has been launching email fraud attacks against thousands of targets – including universities, the Salvation Army, and Boy Scouts of America. Researchers with Agari detailed the attack during an RSA Conference session on Tuesday...
Introducing: Malwarebytes Browser Extension
Are you tired of all the unwanted content the world wide web offers up, whether you like it or not? It is our privilege to introduce you to the Malwarebytes Browser Extension BETA. Or, better said, the Malwarebytes Browser Extensions, because we have one for Firefox and one for Chrome. Introducti...
Tech support scams persist with increasingly crafty techniques
Note: Our Tech support scams FAQ page has the latest info on this type of threat, including scammer tactics, fake error messages, and the latest scammer hotlines. You can also read our latest blog, New tech support scam launches communication or phone call app. Millions of users continue to...
How Just Opening an MS Word Doc Can Hijack Every File On Your System
If you receive a mail masquerading as a company's invoice and containing a Microsoft Word file, think twice before clicking on it. Doing so could cripple your system and could lead to a catastrophic destruction. Hackers are believed to be carrying out social engineering hoaxes by adopting...
U.S. based Cloud Hosting providers contribute 44% of Malware distribution
U.S. has the top Security Agencies like NSA, FBI to tackle cyber crime and terrorism with their high profile surveillance technologies, but even after that U.S is proudly hosting 44% of the entire cloud based malware distribution. With the enhancement in Internet technology, Cloud computing has...