August 2023 – Page 6 – Learn and Explore

August 19, 2023
Uncategorized

WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams

Cybersecurity researchers have detailed an updated version of an advanced fingerprinting and redirection toolkit called WoofLocker that’s engineered to conduct tech support scams. The sophisticated traffic redirection scheme was first documented by Malwarebytes in January 2020, leveraging JavaScript embedded in compromised websites to perform anti-bot and web traffic filtering checks to serve

August 19, 2023
Uncategorized

New Juniper Junos OS Flaws Expose Devices to Remote Attacks – Patch Now

Networking hardware company Juniper Networks has released an “out-of-cycle” security update to address multiple flaws in the J-Web component of Junos OS that could be combined to achieve remote code execution on susceptible installations. The four vulnerabilities have a cumulative CVSS rating of 9.8, making them Critical in severity....

August 19, 2023
Uncategorized

Thousands of Android Malware Apps Using Stealthy APK Compression to Evade Detection

Threat actors are using Android Package (APK) files with unknown or unsupported compression methods to elude malware analysis. That’s according to findings from Zimperium, which found 3,300 artifacts leveraging such compression algorithms in the wild. 71 of the identified samples can be loaded on the operating system without any...

August 18, 2023
Uncategorized

New Wave of Attack Campaign Targeting Zimbra Email Users for Credential Theft

A new “mass-spreading” social engineering campaign is targeting users of the Zimbra Collaboration email server with an aim to collect their login credentials for use in follow-on operations. The activity, active since April 2023 and still ongoing, targets a wide range of small and medium businesses and governmental entities,...

August 18, 2023
Uncategorized

The Vulnerability of Zero Trust: Lessons from the Storm 0558 Hack

While IT security managers in companies and public administrations rely on the concept of Zero Trust, APTS (Advanced Persistent Threats) are putting its practical effectiveness to the test. Analysts, on the other hand, understand that Zero Trust can only be achieved with comprehensive insight into one’s own network. Just...

August 18, 2023
Uncategorized

14 Suspected Cybercriminals Arrested Across Africa in Coordinated Crackdown

A coordinated law enforcement operation across 25 African countries has led to the arrest of 14 suspected cybercriminals, INTERPOL announced Friday. The exercise, conducted in partnership with AFRIPOL, enabled investigators to identify 20,674 cyber networks that were linked to financial losses of more than $40 million. “The four-month Africa Cyber Surge...

August 18, 2023
Uncategorized

New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools

Microsoft on Thursday disclosed that it found a new version of the BlackCat ransomware (aka ALPHV and Noberus) that embeds tools like Impacket and RemCom to facilitate lateral movement and remote code execution. “The Impacket tool has credential dumping and remote service execution modules that could be used for broad deployment of the...

August 18, 2023
Uncategorized

Google Chrome’s New Feature Alerts Users About Auto-Removal of Malicious Extensions

Google has announced plans to add a new feature in the upcoming version of its Chrome web browser to alert users when an extension they have installed has been removed from the Chrome Web Store. The feature, set for release alongside Chrome 117, allows users to be notified when...

August 17, 2023
Uncategorized

NoFilter Attack: Sneaky Privilege Escalation Method Bypasses Windows Security

A previously undetected attack method called NoFilter has been found to abuse the Windows Filtering Platform (WFP) to achieve privilege escalation in the Windows operating system. “If an attacker has the ability to execute code with admin privilege and the target is to perform LSASS Shtinkering, these privileges are not enough,” Ron...

August 17, 2023
Uncategorized

New LABRAT Campaign Exploits GitLab Flaw for Cryptojacking and Proxyjacking Activities

A new, financially motivated operation dubbed LABRAT has been observed weaponizing a now-patched critical flaw in GitLab as part of a cryptojacking and proxyjacking campaign. “The attacker utilized undetected signature-based tools, sophisticated and stealthy cross-platform malware, command-and-control (C2) tools which bypassed firewalls, and kernel-based rootkits to hide their presence,” Sysdig