Hackers Steal Over $2 Million in Cryptocurrency From CoinStats Wallets

/in

CoinStats says North Korean hackers drained $2 million in virtual assets from 1,590 cryptocurrency wallets.

The post Hackers Steal Over $2 Million in Cryptocurrency From CoinStats Wallets appeared first on SecurityWeek.

SecurityWeek – ​Read More

Boolka Group’s Modular Trojan BMANAGER Exposed

/in

The Boolka group is responsible for deploying advanced malware and conducting web attacks. They have been exploiting vulnerabilities using SQL injection attacks since 2022, targeting websites in various countries.

Cyware News – Latest Cyber News – ​Read More

New Attack Uses MSC Files and Windows XSS Flaw to Breach Networks

/in

A new command execution technique called “GrimResource” has been discovered that leverages a combination of specially crafted Microsoft Saved Console (MSC) files and an unpatched Windows XSS flaw.

Cyware News – Latest Cyber News – ​Read More

Indonesia Says a Cyberattack Has Compromised Its Data Center but It Won’t Pay the $8 Million Ransom

/in

Indonesia’s national data center has been compromised by a hacking group asking for a $8 million ransom that the government won’t pay.

The post Indonesia Says a Cyberattack Has Compromised Its Data Center but It Won’t Pay the $8 Million Ransom appeared first on SecurityWeek.

SecurityWeek – ​Read More

Hackers Create Rogue Admin Accounts via Backdoored WordPress Plugins

/in

Multiple WordPress plugins have been found to contain a backdoor that injects malicious code. This code allows attackers to create unauthorized administrator accounts, enabling them to perform malicious actions.

Cyware News – Latest Cyber News – ​Read More

Meta’s Virtual Reality Headset Vulnerable to Ransomware Attacks: Researcher

/in

Researcher shows how hackers could use social engineering to deliver ransomware and other malware to Meta’s Quest 3 VR headset.

The post Meta’s Virtual Reality Headset Vulnerable to Ransomware Attacks: Researcher appeared first on SecurityWeek.

SecurityWeek – ​Read More

New Attack Technique Exploits Microsoft Management Console Files

/in

Threat actors are exploiting a novel attack technique in the wild that leverages specially crafted management saved console (MSC) files to gain full code execution using Microsoft Management Console (MMC) and evade security defenses.
Elastic Security Labs has codenamed the approach GrimResource after identifying an artifact (“sccm-updater.msc”) that was uploaded to the VirusTotal malware

The Hacker News – ​Read More

Several Plugins Compromised in WordPress Supply Chain Attack 

/in

Five WordPress plugins were injected with malicious code that creates a new administrative account.

The post Several Plugins Compromised in WordPress Supply Chain Attack  appeared first on SecurityWeek.

SecurityWeek – ​Read More

How adversarial AI is creating shallow trust in deepfake world

/in

Deepfakes and misinformation are driving a wedge of distrust between companies and the customers they serve.Read More

Security News | VentureBeat – ​Read More

How to Cut Costs with a Browser Security Platform

/in

Browser security is becoming increasingly popular, as organizations understand the need to protect at the point of risk – the browser. Network and endpoint solutions are limited in their ability to protect from web-borne threats like phishing websites or malicious browser extensions. They also do not protect from internal data exfiltration, like employees pasting sensitive data to ChatGPT. As it

The Hacker News – ​Read More