FreshRSS

πŸ”’
❌ Secure Planet Training Courses Updated For 2019 - Click Here
☷
β–³ πŸ”ƒ
There are new available articles, click to refresh the page.
☐ β˜† βœ‡ The Hacker News

From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware

By: Newsroom β€” April 5th 2024 at 09:40
Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan. The starting point of the attack is a PDF file written in Portuguese that, when opened, shows a blurred image and asks the victim to click on a link to download the Reader application to view the content. According to Fortinet FortiGuard Labs, clicking the URL
☐ β˜† βœ‡ The Hacker News

Google Chrome Beta Tests New DBSC Protection Against Cookie-Stealing Attacks

By: Newsroom β€” April 3rd 2024 at 13:07
Google on Tuesday said it's piloting a new feature in Chrome called Device Bound Session Credentials (DBSC) to help protect users against session cookie theft by malware. The prototype – currently tested against "some" Google Account users running Chrome Beta – is built with an aim to make it an open web standard, the tech giant's Chromium team said. "By binding authentication sessions to the
☐ β˜† βœ‡ The Hacker News

China-linked Hackers Deploy New 'UNAPIMON' Malware for Stealthy Operations

By: Newsroom β€” April 2nd 2024 at 11:00
A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar. "Earth Freybug is a cyberthreat group that has been active since at least 2012 that focuses on espionage and financially motivated activities," Trend Micro security researcher Christopher So said in a report published today. "It has been observed to
☐ β˜† βœ‡ The Hacker News

Cybercriminals Using Novel DNS Hijacking Technique for Investment Scams

By: Newsroom β€” March 5th 2024 at 10:53
A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds. β€œSavvy Seahorse is a DNS threat actor who convinces victims to create accounts on fake investment platforms, make deposits to a personal account, and then transfers those deposits to a bank in Russia,” Infoblox said in a report
☐ β˜† βœ‡ The Hacker News

Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes

By: Newsroom β€” March 5th 2024 at 10:25
The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes. The new attack chain β€œcan be used for sensitive information gathering purposes and to enable follow-on activity,” enterprise security firm Proofpoint said in a Monday report. At least two campaigns taking advantage of this
☐ β˜† βœ‡ The Hacker News

8,000+ Domains of Trusted Brands Hijacked for Massive Spam Operation

By: Newsroom β€” February 26th 2024 at 14:10
More than 8,000 domains and 13,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and click monetization. Guardio Labs is tracking the coordinated malicious activity, which has been ongoing since at least September 2022, under the name SubdoMailing. The emails range from "counterfeit
❌