First encountered in December 2019, JsOutProx is a RAT and highly obfuscated JavaScript backdoor that allows its operators to run shell commands, download additional payloads, execute files, capture screenshots, establish persistence, and more.
The NCSC-FI has warned of increased Akira ransomware attacks in December. These attacks targeted companies in Finland and involved wiping backups, making it difficult for victims to recover their data without paying a ransom.
On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was fixed in version 4.2.3. A couple of days later, on December 13th, the Balada Injector campaign started infecting websites with older versions of the Popup Builder. The attack used a […]
The Memorial University of Newfoundland experienced a cyberattack in late December, leading to the postponement of classes and disruptions to IT services at its Grenfell campus.
Spotify music converter TuneFab puts users at risk Pierluigi Paganini December 30, 2023 TuneFab converter, used to convert copyrighted music from streaming platforms such as Spotify, Amazon’s Audible, or Apple Music, has exposed its users’ private data. Cybernews research showed that the platform has exposed more than 151 million parsed records with users’ IP addresses, […]
New Version of Meduza Stealer Released in Dark Web Pierluigi Paganini December 29, 2023 The Resecurity’s HUNTER unit spotted a new version of the Meduza stealer (version (2.2)) that was released in the dark web. On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). […]
Last updated 27 December, 2023 Dillinger Labs has announced the launch of the world’s first wireless, battery-powered mobile subwoofer, called Death From Below (DFB). The Canada-designed product is available for pre-order now and is set to ship in March 2024. The DFB is an AC-powered subwoofer, but crucially, with a robust battery option built-in. It […]
Rhysida ransomware group hacked Abdali Hospital in Jordan Pierluigi Paganini December 26, 2023 The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. Abdali Hospital is a multi-specialty hospital located in the modern development of Al-Abdali, Amman, Jordan. Abdali Hospital provides care to patients in numerous specialties. Apart from its general surgery section, it has specialists in […]
Google addressed a new actively exploited Chrome zero-day Pierluigi Paganini December 20, 2023 Google has released emergency updates to address a new actively exploited zero-day vulnerability in the Chrome browser. Google has released emergency updates to address a new zero-day vulnerability, tracked as CVE-2023-7024, in its web browser Chrome. The flaw has been addressed with […]