Ukrainian Authorities Arrested Phishing Gang That Stole $3.37 Million USD

Leave a Comment / Cyber Attacks /

In a campaign to take advantage of the ongoing crisis, hundreds of phishing sites purported to offer financial aid to Ukrainian civilians. Nine members of a criminal gang were detained by the Cyber Police of Ukraine after they stole 100 million hryvnias from them. According to a press release from the organization last week, “criminals […]

Ukrainian Authorities Arrested Phishing Gang That Stole $3.37 Million USD Read More »

Update Google Chrome Browser to Patch New Zero-Day Exploit Detected in the Wild

Leave a Comment / Reviews /

Google released security upgrades on Monday to fix a high-severity zero-day bug in its Chrome web browser that the company claimed is already being used in the wild. The issue, designated CVE-2022-2294, pertains to a heap overflow vulnerability in the WebRTC component, which enables real-time audio and video communication in browsers without the need to

Update Google Chrome Browser to Patch New Zero-Day Exploit Detected in the Wild Read More »

A New Trending Hacking Technique Called “Account Pre-Hijacking”

Leave a Comment / Cyber Attacks /

According to new research, malicious actors can get illegal access to users’ online accounts via a new approach known as “account pre-hijacking.” The assault targets the account creation process, which is common on websites and other online platforms, allowing an adversary to carry out a series of operations before an unwary victim establishes an account

A New Trending Hacking Technique Called “Account Pre-Hijacking” Read More »

U.S. Warns Against North Korean Hackers Posing as IT Freelancers

Leave a Comment / Cyber Attacks /

Highly skilled software and mobile app developers from the Democratic People’s Republic of Korea (DPRK) are posing as “non-DPRK nationals” in hopes of landing freelance employment in an attempt to enable the regime’s malicious cyber intrusions. That’s according to a joint advisory from the U.S. Department of State, the Department of the Treasury, and the

U.S. Warns Against North Korean Hackers Posing as IT Freelancers Read More »

Researchers Find Potential Way to Run Malware on iPhone Even When it’s OFF

Leave a Comment / Malware /

A first-of-its-kind security analysis of iOS Find My function has identified a novel attack surface that makes it possible to tamper with the firmware and load malware onto a Bluetooth chip that’s executed while an iPhone is “off.” The mechanism takes advantage of the fact that wireless chips related to Bluetooth, Near-field communication (NFC), and

Researchers Find Potential Way to Run Malware on iPhone Even When it’s OFF Read More »

Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit

Leave a Comment / Cyber Attacks /

A new research published by academics from KU Leuven, Radboud University, and the University of Lausanne has revealed that users’ email addresses are exfiltrated to tracking, marketing, and analytics domains before such is submitted and without prior consent. The study involved crawling 2.8 million pages from the top 100 websites, and found that as many

Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit Read More »

Keep an Eye Out! Dockers, AWS, and Alibaba Cloud Are Being Targeted by Cryptocurrency Miners.

Leave a Comment / Cyber Attacks /

As part of an ongoing malware effort, LemonDuck, a cross-platform cryptocurrency mining botnet, is targeting Docker to mine cryptocurrency on Linux servers. In a new study, CrowdStrike stated, “It operates an anonymous mining operation by using proxy pools, which disguise the wallet addresses.” “It avoids detection by targeting and disabling Alibaba Cloud’s monitoring service.” LemonDuck

Keep an Eye Out! Dockers, AWS, and Alibaba Cloud Are Being Targeted by Cryptocurrency Miners. Read More »

Hackers Infiltrate Resumes Sent to Corporate Hiring Managers With the ‘More Eggs’ CVWARE.

Leave a Comment / Malware /

A year after potential candidates looking for work on LinkedIn were tempted with weaponized job offers, a new series of phishing assaults carrying the more eggs malware has been detected attacking corporate hiring supervisors with false resumes as an infection vector thus making it dubbed ‘the CV-WARE’ by Sly Uduosa, Slytech’s research lead. “This year,

Hackers Infiltrate Resumes Sent to Corporate Hiring Managers With the ‘More Eggs’ CVWARE. Read More »

New SolarMarker Malware Variant Employing Updated Techniques to Avoid Detection

Leave a Comment / Vulnerabilities /

Researchers have revealed an improved version of the SolarMarker virus that includes new features aimed at improving its defensive evasion skills and remaining undetected. “The newest version indicated an advancement from dealing with Windows Portable Executables (EXE files) to working with Windows installation package files (MSI files,” according to a report issued this month by

New SolarMarker Malware Variant Employing Updated Techniques to Avoid Detection Read More »