Cyberveilleby Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 2
26 résultats taggé malicious  ✕
Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT https://unit42.paloaltonetworks.com/fake-cve-2023-40477-poc-hides-venomrat/
19/09/2023 20:59:11
QRCode
archive.org
thumbnail

A phony proof-of-concept (PoC) code for CVE-2023-40477 delivered a payload of VenomRAT. We detail our findings, including an analysis of the malicious code.

unit42 EN 2023 PoC fake CVE-2023-40477 VenomRAT malicious
An Ongoing Open Source Attack Reveals Roots Dating Back To 2021 https://checkmarx.com/blog/an-ongoing-open-source-attack-reveals-roots-dating-back-to-2021/
01/09/2023 09:01:02
QRCode
archive.org
thumbnail

Developers in the cryptocurrency sphere are being targeted once again, as yet another threat actor has been exposed. This user has been publishing malicious NPM packages with the purpose of exfiltrating sensitive data such as source code and configuration files from the victim’s machines. The threat actor behind this campaign has been linked to malicious activity dating back to 2021. Since then, they have continuously published malicious code.

checkmarx EN 2023 malicious NPM Supply-chain-security
Security advisory: malicious crate rustdecimal https://blog.rust-lang.org/2022/05/10/malicious-crate-rustdecimal.html
28/08/2023 06:42:31
QRCode
archive.org
thumbnail

The Rust Security Response WG and the crates.io team were notified on 2022-05-02 of the existence of the malicious crate rustdecimal, which contained malware. The crate name was intentionally similar to the name of the popular rust_decimal crate, hoping that potential victims would misspell its name (an attack called "typosquattin

rust-lang EN 2022 malicious crate rustdecimal
Hackers exploit gaping Windows loophole to give their malware kernel access https://arstechnica.com/security/2023/07/hackers-exploit-gaping-windows-loophole-to-give-their-malware-kernel-access/
12/07/2023 09:37:03
QRCode
archive.org
thumbnail

Microsoft blocks a new batch of system drivers, but the loophole empowering them remains.

arstechnica EN 2023 Windows malicious drivers loophole 2015
Microsoft Revokes Malicious Drivers in Patch Tuesday Culling https://news.sophos.com/en-us/2023/07/11/microsoft-revokes-malicious-drivers-in-patch-tuesday-culling/
12/07/2023 09:33:30
QRCode
archive.org
thumbnail

In December 2022, Microsoft published their monthly Windows Update packages that included an advisory about malicious drivers, signed by Microsoft and other code-signing authorities, that Sophos X-…

sophos EN 2023 malicious drivers Microsoft-signed
Operation Brainleeches: Malicious npm packages fuel supply chain and phishing attacks https://www.reversinglabs.com/blog/operation-brainleeches-malicious-npm-packages-fuel-supply-chain-and-phishing-attacks
07/07/2023 10:20:48
QRCode
archive.org
thumbnail

“Write once, infect everywhere” might be the new cybercrime motto, with newly discovered campaigns showing malicious npm packages powering phishing kits and supply chain attacks.

reversinglabs EN NPM Malicious packages supplychain Supply-Chain-Attack
How malicious extensions hide running arbitrary code https://palant.info/2023/06/02/how-malicious-extensions-hide-running-arbitrary-code
05/06/2023 21:50:41
QRCode
archive.org
thumbnail

Eight malicious extensions still remain in Chrome Web Store. These use some interesting tricks to keep running arbitrary code despite restrictions of Manifest V3.

palant EN 2023 Chrome Web Store extensions malicious
Malicious VSCode extensions with more than 45K downloads steal PII and enable backdoors - Check Point Blog https://blog.checkpoint.com/securing-the-cloud/malicious-vscode-extensions-with-more-than-45k-downloads-steal-pii-and-enable-backdoors/
16/05/2023 22:04:01
QRCode
archive.org
thumbnail

Highlights: CloudGuard Spectrals detected malicious extensions on the VSCode marketplace Users installing these extensions were enabling attackers to

checkpoint EN 2023 VSCode extensions malicious
Threat Actors Rapidly Adopt Web3 IPFS Technology https://unit42.paloaltonetworks.com/ipfs-used-maliciously/
19/04/2023 23:00:08
QRCode
archive.org
thumbnail

Web3 technologies are seeing widespread adoption — including by TAs. We discuss Web3 technology InterPlanetary File System (IPFS), and malicious use of it.

unit42 EN 2023 paloalto IPFS malicious use Web3
Qakbot mechanizes distribution of malicious OneNote notebooks https://news.sophos.com/en-us/2023/02/06/qakbot-onenote-attacks/
03/04/2023 07:14:26
QRCode
archive.org
thumbnail

A large-scale "QakNote" attack deploys malicious .one files as a novel infection vector

sophos EN 2023 Qakbot QakNote malicious OneNote
A Noteworthy Threat: How Cybercriminals are Abusing OneNote https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/a-noteworthy-threat-how-cybercriminals-are-abusing-onenote-part-1/
08/03/2023 21:34:33
QRCode
archive.org
thumbnail

Threat actors are taking advantage of Microsoft OneNote's ability to embed files and use social engineering techniques, such as phishing emails and lures inside the OneNote document, to get unsuspecting users to download and open malicious files.

trustwave EN 2023 Microsoft OneNote phishing malicious analysis
Breaking Down the SEO Poisoning Attack | How Attackers Are Hijacking Search Results https://www.sentinelone.com/blog/breaking-down-the-seo-poisoning-attack-how-attackers-are-hijacking-search-results/
21/01/2023 22:56:51
QRCode
archive.org
thumbnail

SEO poisoning is gaining momentum as threat actors leverage malicious ads to deliver malware through web browser searches.

sentinelone EN 2023 SEO poisoning Hijacking Search Results googleads malware web malicious
OPWNAI : Cybercriminals Starting to Use ChatGPT https://research.checkpoint.com/2023/opwnai-cybercriminals-starting-to-use-chatgpt/
07/01/2023 11:11:03
QRCode
archive.org

At the end of November 2022, OpenAI released ChatGPT, the new interface for its Large Language Model (LLM), which instantly created a flurry of interest in AI and its possible uses. However, ChatGPT has also added some spice to the modern cyber threat landscape as it quickly became apparent that code generation can help less-skilled threat actors effortlessly launch cyberattacks.

In Check Point Research’s (CPR) previous blog, we described how ChatGPT successfully conducted a full infection flow, from creating a convincing spear-phishing email to running a reverse shell, capable of accepting commands in English. The question at hand is whether this is just a hypothetical threat or if there are already threat actors using OpenAI technologies for malicious purposes.

CPR’s analysis of several major underground hacking communities shows that there are already first instances of cybercriminals using OpenAI to develop malicious tools. As we suspected, some of the cases clearly showed that many cybercriminals using OpenAI have no development skills at all. Although the tools that we present in this report are pretty basic, it’s only a matter of time until more sophisticated threat actors enhance the way they use AI-based tools for bad.

checkpoint EN 2023 research deepweb OpenAI ChatGPT cybercriminals malicious tools
Threat Spotlight: XLLing in Excel - threat actors using malicious add-ins https://blog.talosintelligence.com/xlling-in-excel-malicious-add-ins/
26/12/2022 23:07:12
QRCode
archive.org
thumbnail

As more and more users adopt new versions of Microsoft Office, it is likely that threat actors will turn away from VBA-based malicious documents to other formats such as XLLs or rely on exploiting newly discovered vulnerabilities to launch malicious code.

talosintelligence EN 2022 Excel XLLing malicious add-ins XLL malicious analysis
Android SharkBot Droppers on Google Play Underline Platform's Security Needs https://www.bitdefender.com/blog/labs/android-sharkbot-droppers-on-google-play-underlines-platforms-security-needs/
22/11/2022 21:24:35
QRCode
archive.org
thumbnail

A common theme we've noticed in the last few months consists of malicious apps
distributed directly from the Google Play Store.

bitdefender EN 2022 SharkBot Android GooglePlay malicious apps
Massive ois[.]is Black Hat Redirect Malware Campaign https://blog.sucuri.net/2022/11/massive-ois-is-black-hat-redirect-malware-campaign.html
12/11/2022 22:31:02
QRCode
archive.org
thumbnail

Learn how attackers are redirecting WordPress website visitors to fake Q&A sites via ois[.]is. Nearly 15,000 websites affected by this malware so far.

sucuri EN 2022 campaign WordPress malware Malicious SEO Analysis ois.is
The Case of Cloud9 Chrome Botnet https://www.zimperium.com/blog/the-case-of-cloud9-chrome-botnet/
08/11/2022 15:54:50
QRCode
archive.org
thumbnail

The Zimperium zLabs team recently discovered a malicious browser extension, originally called Cloud9, which not only steals the information available during the browser session but can also install malware on a user's device and subsequently assume control of the entire device. In this blog, we will take a deeper look into this malicious browser extension.

zimperium EN 2022 browser extension Cloud9 malicious stealer malware Analysis
Malicious App Developer Remains on Google Play https://gizmodo.com/google-play-phishing-malicious-apps-1849731818
03/11/2022 07:11:03
QRCode
archive.org
thumbnail

A report shows four Bluetooth-centered apps by the same developer have been downloaded 1 million times combined while containing malicious code.

gizmodo EN google-play malicious code app Bluetooth-centered
“Dormant Colors”: Live Campaign With Over 1M Data Stealing Extensions Installed https://guardiosecurity.medium.com/dormant-colors-live-campaign-with-over-1m-data-stealing-extensions-installed-9a9a459b5849
24/10/2022 07:02:14
QRCode
archive.org
thumbnail

The “Dormant Colors” is yet another vast campaign of malicious extensions with millions of active installations worldwide, this time with a color-related theme and full of deception all through the chain. It starts with the trickery malvertising campaign, continues with a crafty novel way to side-load the real malicious code without anyone noticing (until now!), and finally with stealing not only your searches and browsing data, but also affiliation to 10,000 targeted sites — a capability that is easily leveraged for targeted spear phishing, account takeover and credential extraction — all using this powerful network of millions of infected computers worldwide!

guardiosecurity EN 2022 Campaign Data Stealing malicious Extensions browser Chrome Edge
Malicious WhatsApp mod distributed through legitimate apps https://securelist.com/malicious-whatsapp-mod-distributed-through-legitimate-apps/107690/
12/10/2022 15:26:42
QRCode
archive.org
thumbnail

The malicious version of YoWhatsApp messenger, containing Triada trojan, was spreading through ads in the popular Snaptube app and the Vidmate app's internal store.

securelist EN 2022 Trojan WhatsApp malicious Snaptube
page 1 / 2
1765 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn - Curated by Decio