Late evening, on September 6, 2022, the Wordfence Threat Intelligence team was alerted to the presence of a vulnerability being actively exploited in BackupBuddy, a WordPress plugin we estimate has around 140,000 active installations. This vulnerability makes it possible for unauthenticated users to download arbitrary files from the affected site which can include sensitive information. ...Read More
The gaming industry went into full gear during the pandemic, as many people took up online gaming as their new hobby to escape the socially-distanced reality. Since then, the industry has never stopped growing. According to the analytical agency Newzoo, in 2022, the global gaming market will exceed $ 200 billion, with 3 billion players globally. Such an engaged, solvent and eager-to-win audience becomes a tidbit for cybercriminals, who always find ways to fool their victims. One of the most outstanding examples involves $2 million‘s worth of CS:GO skins stolen from a user’s account, which means that losses can get truly grave. Besides stealing personal credentials and funds, hackers can affect the performance of gaming computers, infecting these with unsolicited miner files.
AT&T Alien Labs has discovered a new malware targeting endpoints and IoT devices that are running Linux operating systems. Shikitega is delivered in a multistage infection chain where each module responds to a part of the payload and downloads and executes the next one. An attacker can gain full control of the system, in addition to the cryptocurrency miner that will be executed and set to persist.
Attackers are leveraging known vulnerabilities in D-Link devices to deliver MooBot, a Mirai variant, potentially leading to further DDoS attacks.
The Record by Recorded Future gives exclusive, behind-the-scenes access to leaders, policymakers, researchers, and the shadows of the cyber underground.
Dubbed CodeRAT, the new RAT is used in attacks targeting Farsi-speaking code developers using a Microsoft Dynamic Data Exchange (DDE) exploit.
Cybersecurity researchers have offered insight into a previously undocumented software control panel used by a financially motivated threat group known as TA505.
"The group frequently changes its malware attack strategies in response to global cybercrime trends," Swiss cybersecurity firm PRODAFT said in a report shared with The Hacker News. "It opportunistically adopts new technologies in order to gain leverage over victims before the wider cybersecurity industry catches on."
Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate advanced phishing campaigns targeting users worldwide. Resecurity has recently identified a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised in the Dark Web. On some sources the alternative name is Moloch, which has some connection to a phishing-kit developed by several notable underground actors who targeted the financial institutions and e-commerce sector before.
A few months ago, we blogged about malicious extensions redirecting users to phishing sites and inserting affiliate IDs into cookies of eCommerce sites. Since that time, we have investigated several other malicious extensions and discovered 5 extensions with a total install base of over 1,400,000
"...the extensions also track the user’s browsing activity."
Authored by Alberto Segura (main author) and Mike Stokkel (co-author) Introduction After we discovered in February 2022 the SharkBotDropper in Google Play posing as a fake Android antivirus and cleaner, now we have detected a new version of this dropper active in the Google Play and dropping a new version of Sharkbot.This new dropper doesn't…
Dans une prise de position publiée le 13 juin 2022, le Préposé fédéral à la protection des données et à la transparence a estimé que le recours aux services cloud M365 de Microsoft serait susceptible de violer la Loi fédérale sur la protection des données, quand bien même le projet de la Caisse nationale suisse d'assurance en cas d'accidents (SUVA) envisage que les données soient hébergées en Suisse et que le cocontractant du responsable du traitement soit une entité européenne du Groupe Microsoft.
Reuters shows how Chinese hackers invaded myriad global companies, exposing entrenched weaknesses in Western cyber defenses.
Comme cela était attendu, le Conseil fédéral a adopté les projets d’Ordonnance sur la protection des données (OPDo) et d’Ordonnance sur les certifications en matière de protection des données (OCPD) Plus rien ne s’oppose donc à l’entrée en vigueur de la Loi sur la protection des données révisée (nLPD) le 1er septembre 2023. Le Conseil fédéral a en effet souhaité laisser encore un peu de temps aux petites et moyennes entreprises pour se mettre en conformité.
Attackers attempted to disrupt ride-hailing app service on Thursday, the company confirmed.
A new threat actor is spreading infostealer malware through targeted attacks on developers and fraudulent cryptotrading applications.
Local law enforcement agencies from suburban Southern California to rural North Carolina have been using an obscure cellphone tracking tool, at times without search warrants, that gives them the power to follow people’s movements months back in time, according to public records and internal emails obtained by The Associated Press.
A group of security researchers found a series of vulnerabilities in the software underlying popular apps like Discord, Microsoft Teams, Spotify and many others
Hundreds of millions use Zimbra, an all-in-one business productivity suite for micro, small, medium & enterprise in-office and remote work teams. The Zimbra Inc company was acquired by Synacor Inc
Traffers are responsible for redirecting user traffic to malicious content (malware, fraud, phishing, scam) exploited by other threat actors.
