CISA Warns of Hackers Exploiting Chrome, EoL D-Link Bugs

/in

CISA has added a high-severity vulnerability (CVE-2024-4761) in Chrome’s V8 JavaScript engine to its ‘Known Exploited Vulnerabilities’ catalog, which is being actively exploited.

Cyware News – Latest Cyber News – ​Read More

Latrodectus Malware Loader Emerges as IcedID’s Successor in Phishing Campaigns

/in

Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware.
“These campaigns typically involve a recognizable infection chain involving oversized JavaScript files that utilize WMI’s ability to invoke msiexec.exe and install a remotely-hosted MSI

The Hacker News – ​Read More

Why data breaches have become ‘normalized’ and 6 things CISOs can do to prevent them

/in

It’s crucial that CISOs and their teams ensure employees are aware of vulnerabilities, and build a system resilient to breaches.Read More

Security News | VentureBeat – ​Read More

Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam

/in

The U.S. Department of Justice (DoJ) has charged two arrested Chinese nationals for allegedly orchestrating a pig butchering scam that laundered at least $73 million from victims through shell companies.
The individuals, Daren Li, 41, and Yicheng Zhang, 38, were arrested in Atlanta and Los Angeles on April 12 and May 16, respectively.
The foreign nationals have been “charged for leading a scheme

The Hacker News – ​Read More

Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

/in

The threat actors behind the Windows-based Grandoreiro banking trojan have returned in a global campaign since March 2024 following a law enforcement takedown in January.
The large-scale phishing attacks, likely facilitated by other cybercriminals via a malware-as-a-service (MaaS) model, target over 1,500 banks across the world, spanning more than 60 countries in Central and South

The Hacker News – ​Read More

Tracking the Progression of Earth Hundun’s Cyberespionage Campaign in 2024

/in

Deuterbear, while similar to Waterbear in many ways, shows advancements in capabilities such as including support for shellcode plugins, avoiding handshakes for RAT operation, and using HTTPS for C&C communication.

Cyware News – Latest Cyber News – ​Read More

Kimsuky Hackers Deploy New Linux Backdoor in Attacks on South Korea

/in

Gomir shares many similarities with GoBear and features direct command and control (C2) communication, persistence mechanisms, and support for executing a wide range of commands.

Cyware News – Latest Cyber News – ​Read More

US Official Warns a Cell Network Flaw Is Being Exploited for Spying

/in

Plus: Three arrested in North Korean IT workers fraud ring, Tesla staffers shared videos from owners’ cars, and more.

Security Latest – ​Read More

SugarGh0st RAT Variant Used in Targeted AI Industry Attacks

/in

The May 2024 campaign, dubbed UNK_SweetSpecter, employs the SugarGh0st RAT, a remote access trojan tailored from the Gh0stRAT. This variant, historically linked to Chinese-speaking threat actors, has now been repurposed to target AI-related entities.

Cyware News – Latest Cyber News – ​Read More

New Backdoors on a European Government’s Network Appear to be Russian

/in

Researchers with the Slovak cybersecurity firm ESET published a technical analysis on Wednesday of the two backdoors by a suspected Russian threat group, which they named LunarWeb and LunarMail.

Cyware News – Latest Cyber News – ​Read More