Cyware Alerts - Hacker News
DarkCrystal RAT Targets Ukrainian Telcos
/https://cyware-ent.s3.amazonaws.com/image_bank/iStock-163113558.jpg "DarkCrystal RAT Targets Ukrainian Telcos - Cybersecurity news")
Threat actors are sharing malspam messages with the subject ‘Free Primary Legal Aid’ to disseminate the DarkCrystal RAT or DCRat onto victims’ systems.
PyPi Packages Caught Stealing and Making AWS Keys and More Public
/https://cyware-ent.s3.amazonaws.com/image_bank/d6f0_shutterstock_1447245065.jpeg "PyPi Packages Caught Stealing and Making AWS Keys and More Public - Cybersecurity news")
The PyPI repository containing malicious Python packages are steal sensitive data before sending it to publicly exposed endpoints. The sensitive data includes AWS credentials as well as environment variables. The stolen data is stored in TXT files and uploaded to a PyGrata[.]com domain. The endpoin ... Read More
With LockBit 3.0 Launch, Hackers Announce Bug Bounty Program
/https://cyware-ent.s3.amazonaws.com/image_bank/05d3_shutterstock_1887495730.jpg "With LockBit 3.0 Launch, Hackers Announce Bug Bounty Program - Cybersecurity news")
The LockBit RaaS launched LockBit 3.0, the first-ever ransomware bug bounty program for security experts to submit bug reports and get rewarded with up to $1 million. Various bug bounty categories include website bugs (such as XSS vulnerabilities, and MySQL injections), Locker bugs (bugs in the ran ... Read More
Keona Clipper Steals Cryptocurrency Payments
/https://cyware-ent.s3.amazonaws.com/image_bank/8f0a_shutterstock_2108737307.jpg "Keona Clipper Steals Cryptocurrency Payments - Cybersecurity news")
Keona Clipper, a new malware threat is stealing cryptocurrencies from infected computers by replacing the user wallet address with its own. It leverages Telegram to stay hidden. Researchers identified over 90 different iterations of Keona since May, indicating wide deployment. Users should take utm ... Read More
Raccoon Stealer Reappears With a New Version
/https://cyware-ent.s3.amazonaws.com/image_bank/iStock-144282798.jpg "Raccoon Stealer Reappears With a New Version - Cybersecurity news")
Raccoon Stealer v2 is written in C/C++ using WinApi. The malware downloads legitimate third-party DLLs from its C2 servers. It is believed that the new version was available on Telegram for sale since May 17.
Attacker Targets RCE Bug in Mitel MiVoice VoIP Appliances
/https://cyware-ent.s3.amazonaws.com/image_bank/218e_shutterstock_1798927972.jpg "Attacker Targets RCE Bug in Mitel MiVoice VoIP Appliances - Cybersecurity news")
An RCE zero-day in unpatched versions of a Linux-based Mitel VoIP application is the new threat to tens of thousands of devices, with most in the U.S. and U.K. The flaw occurs due to insufficient data validation for a diagnostic script, which allows remote and unauthorized attackers to add commands ... Read More
Chinese APTs Use Ransomware as Decoy for Espionage
/https://cyware-ent.s3.amazonaws.com/image_bank/a783_shutterstock_1261948831.jpg "Chinese APTs Use Ransomware as Decoy for Espionage - Cybersecurity news")
Two APT groups from China carried out cyberespionage to steal sensitive data from Western and Japanese firms but posed as financially-motivated groups by deploying ransomware. APT41 is focused on stealing intellectual property from Japanese firms while APT10 has been targeting global organizations. ... Read More
Quantum Builder: A Tool to Create Malicious Shortcut Files
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_444597916.jpg "Quantum Builder: A Tool to Create Malicious Shortcut Files - Cybersecurity news")
Researchers found a new malware tool - for sale on cybercrime forums - that helps cybercriminals in building malicious Windows shortcut (.LNK) files to infect victims. Quantum Builder supports multiple payloads per LNK file and has capabilities to create HTA and ISO payloads. The tool shares t ... Read More
Scalper Bots Leave the Israeli Government Helpless
/https://cyware-ent.s3.amazonaws.com/image_bank/84af_shutterstock_360682790.jpg "Scalper Bots Leave the Israeli Government Helpless - Cybersecurity news")
Scalper bots have gone out of control in Israel by signing up for public service appointments for several government services and then selling them to dissatisfied citizens. The bot's operators attempted to sell appointments for multiple government agencies for over $100. In order to beat mo ... Read More
New Attack Method Devised to Abuse Microsoft WebView2 and Bypass MFA
/https://cyware-ent.s3.amazonaws.com/image_bank/3083_shutterstock_1131915290.jpg "New Attack Method Devised to Abuse Microsoft WebView2 and Bypass MFA - Cybersecurity news")
A new phishing attack could abuse Microsoft Edge WebView2 applications to steal victims’ authentication cookies, using which hackers bypass MFA for logging accounts. The attack includes a WebView2 executable, for which the researcher created a proof-of-concept that opens a genuine Microsoft login f ... Read More
Defend Against Threats with Cyber Fusion
Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.
Learn More
Trending Tags
