Cyware Alerts - Hacker News
MalVirt Loader Distributes Formbook and XLoader with Unusual Levels of Obfuscation
/https://cyware-ent.s3.amazonaws.com/image_bank/2c09_shutterstock_650414569.jpg "MalVirt Loader Distributes Formbook and XLoader with Unusual Levels of Obfuscation - Cybersecurity news")
Cybercriminals were found distributing virtualized .NET malware loaders, dubbed MalVirt, in a Google Ads-based malvertising campaign to install the Formbook stealer and XLoader. The hackers used KoiVM virtualization technology to obfuscate their implementation and execution in their campaigns. The ... Read More
Russian Cybercriminals Launch New 'Passion' Attack Platform
/https://cyware-ent.s3.amazonaws.com/image_bank/iStock-623303806.jpg "Russian Cybercriminals Launch New 'Passion' Attack Platform - Cybersecurity news")
Medical institutions in the U.S. and Europe are under attack from a new botnet network called Passion launching DDoS attacks. It operates as a DDoS-as-a-Service (DDoSaaS) platform and has distinctive ties with Russian hacking groups, such as Anonymous Russia, Killnet, MIRAI, and Venom. It ran sever ... Read More
InTheBox Sells Over 1,800 Android Phishing Forms
/https://cyware-ent.s3.amazonaws.com/image_bank/f8ba_shutterstock_591799040.jpg "InTheBox Sells Over 1,800 Android Phishing Forms - Cybersecurity news")
Cyble observed the InTheBox threat actor selling over 1,800 web injects in its dark web shop, which can target users from Australia, Japan, Indonesia, the U.S., India, and other countries. The overlays support several Android banking trojans and impersonate apps operated by organizations across the ... Read More
Nevada Ransomware: Another Feather in the RaaS Ecosystem
/https://cyware-ent.s3.amazonaws.com/image_bank/ca9e_shutterstock_687323650.jpg "Nevada Ransomware: Another Feather in the RaaS Ecosystem - Cybersecurity news")
A new ransomware family called Nevada Ransomware has emerged on underground forums. The actors behind this variant, as experts with Resecurity confirmed, have an affiliate platform first introduced in the RAMP underground community. The group recently distributed an updated locker—written in Rust— ... Read More
IceBreaker Backdoor Targets Gaming/Gambling Companies
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_434921992.jpg "IceBreaker Backdoor Targets Gaming/Gambling Companies - Cybersecurity news")
Online gaming and gambling firms are once again under attack by a never-before-seen backdoor known as IceBreaker. According to security analysts at SecurityJoes, the malware’s compromise method relies on tricking customer service agents into opening malicious screenshots that the threat actor sent ... Read More
HeadCrab Botnet Targets 1,200 Redis Servers in a New Elusive Campaign
/https://cyware-ent.s3.amazonaws.com/image_bank/72ec_shutterstock_256752703.jpg "HeadCrab Botnet Targets 1,200 Redis Servers in a New Elusive Campaign - Cybersecurity news")
Aqua Security researchers found a new malware, dubbed HeadCrab, that has infected over a thousand Redis servers since September 2021. Researchers found approximately 1,200 actively infected servers that it has been abusing to mine Monero cryptocurrency. HeadCrab uses state-of-the-art infrastructure ... Read More
After LockBit Red and LockBit Black, Operators Launch LockBit Green
/https://cyware-ent.s3.amazonaws.com/image_bank/a777_Ransomware_blog12-01.jpg "After LockBit Red and LockBit Black, Operators Launch LockBit Green - Cybersecurity news")
Operators of the LockBit ransomware rolled out a new version of their malware, dubbed LockBit Green. It is the modified version of the ESXI ransomware variant and is created to launch attacks against cloud-based services. Moreover, researchers highlighted that the new LockBit variant has a signific ... Read More
New Variants of Prilex Blocks Contactless NFC Transactions
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_121319428.jpg "New Variants of Prilex Blocks Contactless NFC Transactions - Cybersecurity news")
A New Prilex PoS malware variant has been observed blocking NFC-enabled contactless credit card transactions and forcing users to insert credit cards for transactions. In fact, an attacker can configure the malware to capture card data only if it is a Black/Infinite or Corporate card. Retailers are ... Read More
TrickGate is Alive and Kicking as a Preferred Payload Carrier
/https://cyware-ent.s3.amazonaws.com/image_bank/40a2_shutterstock_2210502247.jpg "TrickGate is Alive and Kicking as a Preferred Payload Carrier - Cybersecurity news")
Experts at Check Point Research laid bare the secrets of a shellcode-based packer, dubbed TrickGate, assisting threat actors in deploying a range of malware such as TrickBot, Emotet, FormBook, Cerber, AZORult, Agent Tesla, Maze, and REvil. The malware stayed under the hood for six years owing to it ... Read More
New Sh1mmer Exploit Allows Root Level Access for ChromeOS
/https://cyware-ent.s3.amazonaws.com/image_bank/d519_shutterstock_1856365084.jpg "New Sh1mmer Exploit Allows Root Level Access for ChromeOS - Cybersecurity news")
A new exploit, dubbed SH1MMER, has been devised to unenroll enterprise- or school-managed Chromebooks from administrative control, letting a user bypass admin restrictions. The exploit uses publicly leaked Return Merchandise Authorization (RMA) shims to modify the management of enrollment of device ... Read More
Defend Against Threats with Cyber Fusion
Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.
Learn More
Trending Tags
