Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

By: Newsroom — May 19^th 2024 at 07:59

The threat actors behind the Windows-based Grandoreiro banking trojan have returned in a global campaign since March 2024 following a law enforcement takedown in January. The large-scale phishing attacks, likely facilitated by other cybercriminals via a malware-as-a-service (MaaS) model, target over 1,500 banks across the world, spanning more than 60 countries in Central and South

The Hacker News

New 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm Macs

By: Newsroom — May 6^th 2024 at 07:48

Cybersecurity researchers have discovered a new information stealer targeting Apple macOS systems that's designed to set up persistence on the infected hosts and act as a spyware. Dubbed Cuckoo by Kandji, the malware is a universal Mach-O binary that's capable of running on both Intel- and Arm-based Macs. The exact distribution vector is currently unclear, although there are

The Hacker News

Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover

By: Newsroom — April 29^th 2024 at 09:58

Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited to obtain code execution on the target system. The three flaws, all critical in nature, allow an "adversary with sufficient access to perform a sandbox escape and obtain root permissions on the host machine," Australian

The Hacker News

Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny

By: Newsroom — April 25^th 2024 at 06:37

Google has once again pushed its plans to deprecate third-party tracking cookies in its Chrome web browser as it works to address outstanding competition concerns from U.K. regulators over its Privacy Sandbox initiative. The tech giant said it's working closely with the U.K. Competition and Markets Authority (CMA) and hopes to achieve an agreement by the end of the year. As part of the

The Hacker News

How to Conduct Advanced Static Analysis in a Malware Sandbox

By: The Hacker News — April 18^th 2024 at 10:31

Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior. However, they also offer plenty of value in terms of static analysis. See these five scenarios where a sandbox can prove to be a useful tool in your investigations. Detecting Threats in PDFs PDF files are frequently exploited by threat actors to

The Hacker News

Google Chrome Adds V8 Sandbox - A New Defense Against Browser Attacks

By: Newsroom — April 8^th 2024 at 13:51

Google has announced support for what's called a V8 Sandbox in the Chrome web browser in an effort to address memory corruption issues. The sandbox, according to V8 security technical lead Samuel Groß, aims to prevent "memory corruption in V8 from spreading within the host process." The search behemoth has described V8 Sandbox as a lightweight, in-process sandbox

The Hacker News

Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions

By: Newsroom — March 27^th 2024 at 12:54

A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users' systems and carry out malicious actions.  "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user's knowledge," Guardio

The Hacker News

Demystifying a Common Cybersecurity Myth

By: The Hacker News — March 13^th 2024 at 15:39

One of the most common misconceptions in file upload cybersecurity is that certain tools are “enough” on their own—this is simply not the case. In our latest whitepaper OPSWAT CEO and Founder, Benny Czarny, takes a comprehensive look at what it takes to prevent malware threats in today’s ever-evolving file upload security landscape, and a big part of that is understanding where the

The Hacker News

TimbreStealer Malware Spreading via Tax-themed Phishing Scam Targets IT Users

By: Newsroom — February 28^th 2024 at 07:43

Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called TimbreStealer. Cisco Talos, which discovered the activity, described the authors as skilled and that the "threat actor has previously used similar tactics, techniques and procedures (TTPs) to distribute a banking trojan known

The Hacker News

From Alert to Action: How to Speed Up Your SOC Investigations

By: The Hacker News — February 27^th 2024 at 10:48

Processing alerts quickly and efficiently is the cornerstone of a Security Operations Center (SOC) professional's role. Threat intelligence platforms can significantly enhance their ability to do so. Let's find out what these platforms are and how they can empower analysts. The Challenge: Alert Overload The modern SOC faces a relentless barrage of security alerts generated by SIEMs and EDRs.

The Hacker News

Google's New Tracking Protection in Chrome Blocks Third-Party Cookies

By: Newsroom — December 15^th 2023 at 07:23

Google on Thursday announced that it will start testing a new feature called "Tracking Protection" beginning January 4, 2024, to 1% of Chrome users as part of its efforts to deprecate third-party cookies in the web browser. The setting is designed to limit "cross-site tracking by restricting website access to third-party cookies by default," Anthony Chavez, vice president of Privacy

The Hacker News

New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia

By: Newsroom — December 1^st 2023 at 12:40

Cybersecurity researchers have disclosed a new sophisticated Android malware called FjordPhantom that has been observed targeting users in Southeast Asian countries like Indonesia, Thailand, and Vietnam since early September 2023. "Spreading primarily through messaging services, it combines app-based malware with social engineering to defraud banking customers," Oslo-based mobile app

The Hacker News

Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability

By: Newsroom — November 29^th 2023 at 04:27

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library. Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group (TAG) have

The Hacker News

LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique

By: Newsroom — November 20^th 2023 at 10:49

The stealer malware known as LummaC2 (aka Lumma Stealer) now features a new anti-sandbox technique that leverages the mathematical principle of trigonometry to evade detection and exfiltrate valuable information from infected hosts. The method is designed to "delay detonation of the sample until human mouse activity is detected," Outpost24 security researcher Alberto Marín said in a technical

Naked Security