Cyware Alerts - Hacker News

MalVirt Loader Distributes Formbook and XLoader with Unusual Levels of Obfuscation

Cybercriminals were found distributing virtualized .NET malware loaders, dubbed MalVirt, in a Google Ads-based malvertising campaign to install the Formbook stealer and XLoader. The hackers used KoiVM virtualization technology to obfuscate their implementation and execution in their campaigns. The ...

Russian Cybercriminals Launch New 'Passion' Attack Platform

Medical institutions in the U.S. and Europe are under attack from a new botnet network called Passion launching DDoS attacks. It operates as a DDoS-as-a-Service (DDoSaaS) platform and has distinctive ties with Russian hacking groups, such as Anonymous Russia, Killnet, MIRAI, and Venom. It ran sever ...

InTheBox Sells Over 1,800 Android Phishing Forms

Cyble observed the InTheBox threat actor selling over 1,800 web injects in its dark web shop, which can target users from Australia, Japan, Indonesia, the U.S., India, and other countries. The overlays support several Android banking trojans and impersonate apps operated by organizations across the ...

Nevada Ransomware: Another Feather in the RaaS Ecosystem

A new ransomware family called Nevada Ransomware has emerged on underground forums. The actors behind this variant, as experts with Resecurity confirmed, have an affiliate platform first introduced in the RAMP underground community. The group recently distributed an updated locker—written in Rust— ...

IceBreaker Backdoor Targets Gaming/Gambling Companies

Online gaming and gambling firms are once again under attack by a never-before-seen backdoor known as IceBreaker. According to security analysts at SecurityJoes, the malware’s compromise method relies on tricking customer service agents into opening malicious screenshots that the threat actor sent ...

HeadCrab Botnet Targets 1,200 Redis Servers in a New Elusive Campaign

Aqua Security researchers found a new malware, dubbed HeadCrab, that has infected over a thousand Redis servers since September 2021. Researchers found approximately 1,200 actively infected servers that it has been abusing to mine Monero cryptocurrency. HeadCrab uses state-of-the-art infrastructure ...

After LockBit Red and LockBit Black, Operators Launch LockBit Green

Operators of the LockBit ransomware rolled out a new version of their malware, dubbed LockBit Green. It is the modified version of the ESXi ransomware variant and is created to launch attacks against cloud-based services. Moreover, researchers highlighted that the new LockBit variant has a signific ...

New Variants of Prilex Blocks Contactless NFC Transactions

A new Prilex PoS malware variant has been observed blocking NFC-enabled contactless credit card transactions and forcing users to insert credit cards for transactions. In fact, an attacker can configure the malware to capture card data only if it is a Black/Infinite or Corporate card. Retailers are ...

TrickGate is Alive and Kicking as a Preferred Payload Carrier

Experts at Check Point Research laid bare the secrets of a shellcode-based packer, dubbed TrickGate, assisting threat actors in deploying a range of malware such as TrickBot, Emotet, FormBook, Cerber, AZORult, Agent Tesla, Maze, and REvil. The malware stayed under the hood for six years owing to it ...

New Sh1mmer Exploit Allows Root Level Access for ChromeOS

A new exploit, dubbed SH1MMER, has been devised to unenroll enterprise- or school-managed Chromebooks from administrative control, letting a user bypass admin restrictions. The exploit uses publicly leaked Return Merchandise Authorization (RMA) shims to modify the management of enrollment of device ...
