The FBI and CISA Issue Joint Advisory on New Threats and How to Stop Ransomware
Note: on August 29, the FBI and CISA issued a joint advisory as part of their ongoing #StopRansomware effort to help organizations protect against ransomware. The latest advisory, AA24-242A, describes a new cybercriminal group and its attack methods. It also details three important actions to take today to mitigate
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-09-02 08:07:252024-09-02 08:07:25Next-Generation Attacks, Same Targets – How to Protect Your Users’ Identities
Roblox developers are the target of a persistent campaign that seeks to compromise systems through bogus npm packages, once again underscoring how threat actors continue to exploit the trust in the open-source ecosystem to deliver malware.
“By mimicking the popular ‘noblox.js’ library, attackers have published dozens of packages designed to steal sensitive data and compromise systems,” Checkmarx
A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit.
The development is indicative of the persistent efforts made by the nation-state adversary, which had made a habit of incorporating rafts of Windows zero-day exploits into its arsenal in recent months.
Plus: China-linked hackers infiltrate US internet providers, authorities crack down on a major piracy operation, and a ransomware gang claims attacks during the Paris Olympics.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-31 11:06:572024-08-31 11:06:57Taylor Swift Concert Terror Plot Was Thwarted by Key CIA Tip
The attack starts with a phishing email disguised as a fund transfer notification, with an attached Excel file named “swift copy.xls” that triggers the deployment of Snake Keylogger on the victim’s computer upon opening.
Once installed, the Rocinante malware prompts the victim to grant Accessibility Services and displays phishing screens tailored to different banks to steal personal information.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-31 08:06:342024-08-31 08:06:34Rocinante: The Trojan Horse That Wanted to Fly
The QiAnXin Threat Intelligence Center has revealed the details of “Operation DevilTiger,” a cyber espionage campaign carried out by the elusive APT-Q-12 group, also known as “Pseudo Hunter.”
The ransomware operation focuses on data theft extortion rather than encrypting files, with victims facing the threat of stolen data being leaked or sold if negotiations fail.
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Next-Generation Attacks, Same Targets – How to Protect Your Users’ Identities
/in General NewsThe FBI and CISA Issue Joint Advisory on New Threats and How to Stop Ransomware
Note: on August 29, the FBI and CISA issued a joint advisory as part of their ongoing #StopRansomware effort to help organizations protect against ransomware. The latest advisory, AA24-242A, describes a new cybercriminal group and its attack methods. It also details three important actions to take today to mitigate
The Hacker News – Read More
Malicious npm Packages Mimicking ‘noblox.js’ Compromise Roblox Developers’ Systems
/in General NewsRoblox developers are the target of a persistent campaign that seeks to compromise systems through bogus npm packages, once again underscoring how threat actors continue to exploit the trust in the open-source ecosystem to deliver malware.
“By mimicking the popular ‘noblox.js’ library, attackers have published dozens of packages designed to steal sensitive data and compromise systems,” Checkmarx
The Hacker News – Read More
Ransomware Gangs Pummel Southeast Asia
/in General NewsSuccessful ransomware attacks against organizations in Asia continue at peak levels in 2024 following a wave of high-profile data breaches last year.
darkreading – Read More
North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit
/in General NewsA recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit.
The development is indicative of the persistent efforts made by the nation-state adversary, which had made a habit of incorporating rafts of Windows zero-day exploits into its arsenal in recent months.
The Hacker News – Read More
New Voldemort Malware Uses Google Sheets to Target Key Sectors Globally
/in General NewsThe Voldemort Malware campaign is spreading globally with over 20,000 phishing emails to more than 70 organizations, with…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Taylor Swift Concert Terror Plot Was Thwarted by Key CIA Tip
/in General NewsPlus: China-linked hackers infiltrate US internet providers, authorities crack down on a major piracy operation, and a ransomware gang claims attacks during the Paris Olympics.
Security Latest – Read More
New Snake Keylogger Variant Slithers Into Phishing Campaigns
/in General NewsThe attack starts with a phishing email disguised as a fund transfer notification, with an attached Excel file named “swift copy.xls” that triggers the deployment of Snake Keylogger on the victim’s computer upon opening.
Cyware News – Latest Cyber News – Read More
Rocinante: The Trojan Horse That Wanted to Fly
/in General NewsOnce installed, the Rocinante malware prompts the victim to grant Accessibility Services and displays phishing screens tailored to different banks to steal personal information.
Cyware News – Latest Cyber News – Read More
Operation DevilTiger: APT-Q-12’s Shadowy Tactics and Zero-Day Exploits Unveiled
/in General NewsThe QiAnXin Threat Intelligence Center has revealed the details of “Operation DevilTiger,” a cyber espionage campaign carried out by the elusive APT-Q-12 group, also known as “Pseudo Hunter.”
Cyware News – Latest Cyber News – Read More
FBI: RansomHub Ransomware Breached 210 Victims Since February 2024
/in General NewsThe ransomware operation focuses on data theft extortion rather than encrypting files, with victims facing the threat of stolen data being leaked or sold if negotiations fail.
Cyware News – Latest Cyber News – Read More