P2PInfect, originally a dormant peer-to-peer malware botnet with unclear motives, has finally come alive to deploy a ransomware module and a cryptominer in attacks on Redis servers. […]
How to Cut Costs with a Browser Security Platform
Browser security is becoming increasingly popular, as organizations understand the need to protect at the point of risk – the browser. Network and endpoint solutions are limited in their ability to protect from web-borne threats like phishing websites or malicious browser extensions. They also do not protect from internal data exfiltration, like employees pasting sensitive data to ChatGPT. As it
New Cyberthreat ‘Boolka’ Deploying BMANAGER Trojan via SQLi Attacks
A previously undocumented threat actor dubbed Boolka has been observed compromising websites with malicious scripts to deliver a modular trojan codenamed BMANAGER.
“The threat actor behind this campaign has been carrying out opportunistic SQL injection attacks against websites in various countries since at least 2022,” Group-IB researchers Rustam Mirkasymov and Martijn van den Berk said in a
“The threat actor behind this campaign has been carrying out opportunistic SQL injection attacks against websites in various countries since at least 2022,” Group-IB researchers Rustam Mirkasymov and Martijn van den Berk said in a
Wikileaks’ Julian Assange Released from U.K. Prison, Heads to Australia
WikiLeaks founder Julian Assange has been freed in the U.K. and has departed the country after serving more than five years in a maximum security prison at Belmarsh for what was described by the U.S. government as the “largest compromises of classified information in the history” of the country.
Capping off a 14-year legal saga, Assange, 52, pleaded guilty to one criminal count of conspiring to
Capping off a 14-year legal saga, Assange, 52, pleaded guilty to one criminal count of conspiring to
4 FIN9-linked Vietnamese Hackers Indicted in $71M U.S. Cybercrime Spree
Four Vietnamese nationals with ties to the FIN9 cybercrime group have been indicted in the U.S. for their involvement in a series of computer intrusions that caused over $71 million in losses to companies.
The defendants, Ta Van Tai (aka Quynh Hoa and Bich Thuy), Nguyen Viet Quoc (aka Tien Nguyen), Nguyen Trang Xuyen, and Nguyen Van Truong (aka Chung Nguyen), have been accused of conducting
The defendants, Ta Van Tai (aka Quynh Hoa and Bich Thuy), Nguyen Viet Quoc (aka Tien Nguyen), Nguyen Trang Xuyen, and Nguyen Van Truong (aka Chung Nguyen), have been accused of conducting
Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts
Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with the aim of performing arbitrary actions.
“The injected malware attempts to create a new administrative user account and then sends those details back to the attacker-controlled server,” Wordfence security researcher Chloe Chamberland said in a Monday alert.
“The injected malware attempts to create a new administrative user account and then sends those details back to the attacker-controlled server,” Wordfence security researcher Chloe Chamberland said in a Monday alert.
Chemical facilities warned of possible data theft in CISA CSAT breach
CISA is warning that its Chemical Security Assessment Tool (CSAT) environment was breached in January after hackers deployed a webshell on its Ivanti device, potentially exposing sensitive security assessments and plans. […]
Chrome for Android tests feature that securely verifies your ID with sites
Google is testing a new feature called “Digital Credential API” for Chrome on Android that will allow websites to request identity information from mobile wallets using Android’s IdentityCredential system. […]
New attack uses MSC files and Windows XSS flaw to breach networks
A novel command execution technique dubbed ‘GrimResource’ uses specially crafted MSC (Microsoft Saved Console) and an unpatched Windows XSS flaw to perform code execution via the Microsoft Management Console. […]
Four FIN9 hackers indicted for cyberattacks causing $71M in losses
Four Vietnamese nationals linked to the international cybercrime group FIN9 have been indicted for their involvement in a series of computer intrusions that caused over $71 million in losses to companies in the U.S. […]