New JinxLoader Targeting Users with Formbook and XLoader Malware

A new Go-based malware loader called JinxLoader is being used by threat actors to deliver next-stage payloads such as Formbook and its successor XLoader.
The disclosure comes from cybersecurity firms Palo Alto Networks Unit 42 and Symantec, both of which highlighted multi-step attack sequences that led to the deployment of JinxLoader through phishing attacks.
“The

The Hacker News – ​Read More

Microsoft Disables App Installer After Feature is Abused for Malware

By Deeba Ahmed

According to the Microsoft Threat Intelligence Team, threat actors labeled as ‘financially motivated’ utilize the ms-appinstaller URI scheme for malware distribution.

This is a post from HackRead.com Read the original post: Microsoft Disables App Installer After Feature is Abused for Malware

Hackread – Latest Cybersecurity News, Press Releases & Technology Today – ​Read More

Google Fixes Nearly 100 Android Security Issues

Plus: Apple shuts down a Flipper Zero Attack, Microsoft patches more than 30 vulnerabilities, and more critical updates for the last month of 2023.

Security Latest – ​Read More

Google Settles $5 Billion Privacy Lawsuit Over Tracking People Using ‘Incognito Mode’

Google agreed to settle a $5 billion privacy lawsuit claiming that it continued spying on people who used the “incognito” mode in its Chrome browser.

The post Google Settles $5 Billion Privacy Lawsuit Over Tracking People Using ‘Incognito Mode’ appeared first on SecurityWeek.

SecurityWeek – ​Read More

China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks

By Deeba Ahmed

The police arrested two suspects in Beijing and two in Inner Mongolia.

This is a post from HackRead.com Read the original post: China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks

Hackread – Latest Cybersecurity News, Press Releases & Technology Today – ​Read More

Beware: Scam-as-a-Service Aiding Cybercriminals in Crypto Wallet-Draining Attacks

Cybersecurity researchers are warning about an increase in phishing attacks that are capable of draining cryptocurrency wallets.
“These threats are unique in their approach, targeting a wide range of blockchain networks, from Ethereum and Binance Smart Chain to Polygon, Avalanche, and almost 20 other networks by using a crypto wallet-draining technique,” Check Point researchers Oded Vanunu,

The Hacker News – ​Read More

Info-Stealing Malware Now Includes Google Session Hijacking

Multiple malware-as-a-service info stealers now have the ability to manipulate authentication tokens to gain persistent access to a victim’s Google account, even after the user has reset their password.

Cyware News – Latest Cyber News – ​Read More

Kimsuky Hackers Deploying AppleSeed, Meterpreter, and TinyNuke in Latest Attacks

The North Korean Kimsuky APT has recently been observed using a new variant called AlphaSeed, written in Golang, which uses chromedp for communication with the command-and-control server.

Cyware News – Latest Cyber News – ​Read More

The password identity crisis: Evolving authentication methods in 2024 and beyond

A future beyond passwords: Key identity management techniques to watch out for in 2024, including passkeys, biometrics and zero trust.Read More

Security News | VentureBeat – ​Read More

Why training LLMs with endpoint data will strengthen cybersecurity

LLMs are uniquely positioned to take on the challenge of predicting potential intrusion attempt patterns across endpoints using collected attack data.Read More

Security News | VentureBeat – ​Read More