Cybersecurity

Network Flight Simulator: Open-source adversary simulation tool – Help Net Security

Network Flight Simulator is a lightweight utility that generates malicious network traffic and helps security teams evaluate security controls and network visibility. The tool performs tests to simulate DNS tunneling, DGA traffic, requests to known active C2 destinations, and other suspicious traffic patterns. “There’s so much snake oil within the security industry regarding threat detection […]

Cybersecurity

Attacker Unleashes Stealthy Crypto Mining via Malicious Python Package

Key Points A malicious Python package, “Culturestreak”, hijacks system resources for unauthorized cryptocurrency mining. The malicious package utilizes obfuscated code and random filenames to evade detection. The code runs in an infinite loop, making it a relentless threat that continually exploits system resources. The malicious code originates from an active GitLab repository, underscoring the ongoing […]

Cybersecurity

Beware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with Venom RAT

Sep 21, 2023THNVulnerability / Exploit A malicious actor released a fake proof-of-concept (PoC) exploit for a recently disclosed WinRAR vulnerability on GitHub with an aim to infect users who downloaded the code with Venom RAT malware. “The fake PoC meant to exploit this WinRAR vulnerability was based on a publicly available PoC script that exploited […]

Cybersecurity

Fraudsters Steal Over $1m in Three Weeks in ‘Pig Butchering’ Scam

Malicious actors have stolen more than $1m in a ‘pig butchering’ cryptocurrency scam in just three months, researchers from Sophos have found. The highly sophisticated operation used a total of 14 domains and dozens of nearly identical fraud sites, according to the investigation. The attackers utilized fake trading pools of cryptocurrency from decentralized finance (DeFi) […]

Cybersecurity

New Python NodeStealer Goes Beyond Facebook Credentials, Now Stealing All Browser Cookies and Login Credentials

Summary Netskope Threat Labs is tracking a campaign that uses malicious Python scripts to steal Facebook users’ credentials and browser data. This campaign targets Facebook business accounts with bogus Facebook messages with a malicious file attached. The attacks are reaching victims mainly in Southern Europe and North America across different segments, led by the manufacturing […]

Cybersecurity

Weaponized Windows Installers Target Graphic Designers in Crypto Heist

Attackers are targeting 3D modelers and graphic designers with malicious versions of a legitimate Windows installer tool in a cryptocurrency-mining campaign that’s been ongoing since at least November 2021. The campaign abuses Advanced Installer, a tool for creating software packages, to hide malware in legitimate installers for software used by creative professionals — such as […]