БЛОГ

Archive for the ‘cybercrime/malcode’ category: Page 74

Aug 4, 2022

Thousands of hackers flock to ‘Dark Utilities’ C2-as-a-Service

Posted by in category: cybercrime/malcode

Security researchers found a new service called Dark Utilities that provides an easy and inexpensive way for cybercriminals to set up a command and control (C2) center for their malicious operations.

The Dark Utilities service provides threat actors a platform that supports Windows, Linux, and Python-based payloads, and eliminates the effort associated with implementing a C2 communication channel.

A C2 server is how adversaries control their malware in the wild, sending out commands, configurations and new payloads, and receiving data collected from compromised systems.

Aug 3, 2022

Hackers Loot Blockchain Bridge for Millions In “Frenzied Free For All”

Posted by in categories: blockchains, cryptocurrencies, cybercrime/malcode

On Monday, hackers exploited a basic vulnerability in the code of Nomad — a crypto “bridge” that allows customers to transfer cryptocurrencies between different blockchains — getting away with roughly $190 million in user investments, CNBC reports.

This hack is just the latest in a string of attacks on crypto bridges, platforms that, according to CNBC, have collectively lost more than $1 billion to hackers in 2022 alone.

Given that Nomad markets itself as a “secure” platform, the company definitely has a lot of explaining to do.

Aug 3, 2022

Wolf in sheep’s clothing: how malware tricks users and antivirus

Posted by in category: cybercrime/malcode

One of the primary methods used by malware distributors to infect devices is by deceiving people into downloading and running malicious files, and to achieve this deception, malware authors are using a variety of tricks.

Some of these tricks include masquerading malware executables as legitimate applications, signing them with valid certificates, or compromising trustworthy sites to use them as distribution points.

According to VirusTotal, a security platform for scanning uploaded files for malware, some of these tricks are happening on a much larger scale than initially thought.

Aug 2, 2022

Researchers Discover Nearly 3,200 Mobile Apps Leaking Twitter API Keys

Posted by in categories: cybercrime/malcode, space

Researchers have reported the discovery of an exoplanet orbiting Ross 508 near the inner edge of its habitable zone.


Researchers have uncovered a list of 3,207 mobile apps that are exposing Twitter API keys in the clear, some of which can be utilized to gain unauthorized access to Twitter accounts associated with them.

The takeover is made possible, thanks to a leak of legitimate Consumer Key and Consumer Secret information, respectively, Singapore-based cybersecurity firm CloudSEK said in a report exclusively shared with The Hacker News.

Continue reading “Researchers Discover Nearly 3,200 Mobile Apps Leaking Twitter API Keys” »

Aug 2, 2022

Australian Hacker Charged with Creating, Selling Spyware to Cyber Criminals

Posted by in categories: business, cybercrime/malcode

A 24-year-old Australian hacker has been charged with developing and selling the “Imminent Monitor” spy software to more than 14,500 people.


Critical Security Vulnerabilities In Netgear Business Routers Which The Netgear Team Can’t Fix. Stop Using These Routers As Soon As Possible — Vulnerabilities — Information Security Newspaper | Hacking News.

Aug 2, 2022

Critical Security Vulnerabilities In Netgear Business Routers Which The Netgear Team Can’t Fix. Stop Using These Routers As Soon As Possible

Posted by in categories: business, cybercrime/malcode

Vulnerabilities — information security newspaper | hacking news.

Aug 2, 2022

LockBit Ransomware Exploits Windows Defender to Sideload Cobalt Strike Payload

Posted by in category: cybercrime/malcode

A Sentinel One investigation revealed threat actors (TA) have been abusing the Windows Defender command line tool to decrypt and load Cobalt Strike payloads.

The cybersecurity experts detailed their findings in an advisory last week, in which they said the TA managed to carry out the attacks after obtaining initial access via the Log4Shell vulnerability against an unpatched VMware Horizon Server.

The attackers reportedly modified the Blast Secure Gateway component of the application by installing a web shell using PowerShell code.

Aug 2, 2022

Dark Web Research Suggests 87% of Ransomware brands Exploit Malicious Macros

Posted by in category: cybercrime/malcode

The findings reportedly uncovered 475 web pages of elaborate ransomware products and services, alongside many high-profile groups aggressively marketing ransomware-as-a-service (RAAS).

Forensic Pathways also identified 30 different “brands” of ransomware, with some known names such as BlackCat, Egregor, Hidden Tear and WannaCry having been successfully used in high-profile attacks.

The research also suggested Ransomware strains used in high-profile attacks command a higher price for associated services.

Aug 2, 2022

User Information for Sale on The Dark Web

Posted by in categories: business, cybercrime/malcode

This post is also available in: he עברית (Hebrew)

A recent report has shown that many social media databases are currently being sold on Breach Forums, a popular hacking forum on the Dark Web. According to cyber security researchers HackerOne, the database allegedly consisted of 5.4 million users, and included the datasets for celebrities, politicians and businesses. The owner of Breach Forums reportedly verified the authenticity of the leaked data.

This nefarious collection of information was due to an already known Twitter vulnerability that could possibly allow an attacker to acquire the phone number and/or email address associated with user accounts even if the user had hidden those fields in the platform’s privacy settings. This should worry many social media users, as it seems that privacy and anonymity are merely a veil that hides the many dangers we are exposed to on the internet.

Jul 30, 2022

Fighting counterfeit with carbon nanotubes

Posted by in categories: cybercrime/malcode, encryption, internet, nanotechnology, quantum physics

The ubiquity of electronic devices makes it essential to use encryption and anti-counterfeiting tools to protect the privacy and security of users. With the growing expansion of the Internet of Things, protection against attacks that violate the authenticity of products is increasingly necessary. Traditionally, message protection has been based on different systems: passwords, digital signatures or encryption. This cryptography is based on unknown keys to a possible attacker, but unfortunately these systems are becoming obsolete as new more invasive attacks appear: malware, API attacks or physical hardware attacks.

While quantum computing slowly progresses towards the cryptographic paradigm, the so-called physically unclonable functions (PUFs) are presented as the choice to ensure unique and effective identification. A PUF is a device that has unique and non-repeatable physical properties that can be translated into usable bits of information. The idea of applying random to identify systems or people is not new: for example, the identification of individuals using the fingerprint dates from the 19th century. More recently, the identity of electronic devices has been established using PUFs, which are “electronic fingerprints” of an integrated circuit.

Authentication based on PUFs comprises a chip manufactured by intrinsically random processes that make cloning almost impossible, even though all the details of the manufacturing process are known. The measurements of the various physical properties of the PUF depend on the properties of the chip at the nanoscale, thus constitute a very powerful anti-fraud and anti-counterfeiting technology. To be implementable at an industrial level, this chip must be low cost, scalable and its properties must be easily measurable by means of an identifiable function.

Page 74 of 216First7172737475767778Last