Sep 11, 2023THNCyber Crime / Malware A new malware loader called HijackLoader is gaining traction among the cybercriminal community to deliver various payloads such as DanaBot, SystemBC, and RedLine Stealer. “Even though HijackLoader does not contain advanced features, it is capable of using a variety of modules for code injection and execution since it uses […]
A relatively unknown threat group W3LL, which started six years ago with a custom tool for bulk email spam, is now running a massive operation by selling a phishing kit that targets Microsoft 365 business email accounts. According to researchers from Group-IB, the group has gone to great lengths to stay under the radar while […]
Check Point researchers have discovered hackers exploiting Google Looker Studio to create fraudulent cryptocurrency phishing websites. These phishing sites target digital asset holders, leading to compromised accounts and financial losses. Google Looker Studio (previously known as Data Studio, is an online tool for converting data from spreadsheets and various sources into customizable reports. Scam tactics […]
The US government has ordered all federal civilian agencies to patch a critical vulnerability in Apache RocketMQ, which is currently being exploited in the wild. The US Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2023-33246 to its Known Exploited Vulnerabilities Catalog. It means government agencies have until September 27 to apply a vendor patch to affected […]
Cybersecurity firm Check Point is warning of a new type of phishing attacks that abuse Google Looker Studio to bypass protections. Google Looker Studio is a legitimate online tool for creating customizable reports, including charts and graphs, that can be easily shared with others. As part of the observed attacks, threat actors are using Google […]
Notepad++ version 8.5.7 has been released with fixes for multiple buffer overflow zero-days, with one marked as potentially leading to code execution by tricking users into opening specially crafted files.
Sep 09, 2023THNMobile Security / Spyware Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that’s designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and exfiltrate names, user IDs, contacts, phone numbers, and […]
This article was updated at 12:45 p.m. EST Eleven Russian nationals alleged to have been part of the criminal group operating the Trickbot malware and Conti ransomware schemes were sanctioned Thursday by authorities in the United States and United Kingdom. The individuals targeted by the sanctions “include key actors involved in management and procurement for […]
In addition to targeting researchers with 0-day exploits, the threat actors also developed a standalone Windows tool that has the stated goal of ‘download debugging symbols from Microsoft, Google, Mozilla and Citrix symbol servers for reverse engineers.’ The source code for this tool was first published on GitHub on September 30, 2022, with several updates […]