DarkCrystal RAT Targets Ukrainian Telcos

DarkCrystal RAT Targets Ukrainian Telcos - Cybersecurity news - Malware and Vulnerabilities
Threat actors are sharing malspam messages with the subject ‘Free Primary Legal Aid’ to disseminate the DarkCrystal RAT or DCRat onto victims’ systems. 

PyPi Packages Caught Stealing and Making AWS Keys and More Public

PyPi Packages Caught Stealing and Making AWS Keys and More Public - Cybersecurity news - Malware and Vulnerabilities
The PyPI repository containing malicious Python packages are steal sensitive data before sending it to publicly exposed endpoints. The sensitive data includes AWS credentials as well as environment variables. The stolen data is stored in TXT files and uploaded to a PyGrata[.]com domain. The endpoin ... Read More

With LockBit 3.0 Launch, Hackers Announce Bug Bounty Program

With LockBit 3.0 Launch, Hackers Announce Bug Bounty Program - Cybersecurity news - Malware and Vulnerabilities
The LockBit RaaS launched LockBit 3.0, the first-ever ransomware bug bounty program for security experts to submit bug reports and get rewarded with up to $1 million. Various bug bounty categories include website bugs (such as XSS vulnerabilities, and MySQL injections), Locker bugs (bugs in the ran ... Read More

The Link Between AWM Proxy & the Glupteba Botnet – Krebs on Security

Despite all of the disruption caused by Google’s legal and technical meddling, AWM is still around and nearly as healthy as ever, although the service has been rebranded with a new name and there are dubious claims of new owners.

Keona Clipper Steals Cryptocurrency Payments

Keona Clipper Steals Cryptocurrency Payments - Cybersecurity news - Malware and Vulnerabilities
Keona Clipper, a new malware threat is stealing cryptocurrencies from infected computers by replacing the user wallet address with its own. It leverages Telegram to stay hidden. Researchers identified over 90 different iterations of Keona since May, indicating wide deployment. Users should take utm ... Read More

Firefox 102 Patches 19 Vulnerabilities, Improves Privacy

With the latest update, Mozilla has patched CVE-2022-34470, a high-severity use-after-free issue in nsSHistory that was triggered when navigating between XML documents, and which could lead to a potentially exploitable crash.

AstraLocker 2.0 pushes ransomware direct from Office docs

ReversingLabs recently discovered a new version of the AstraLocker ransomware (AstraLocker 2.0) that was being distributed directly from Microsoft Office files used as bait in phishing attacks.

Raccoon Stealer Reappears With a New Version

Raccoon Stealer Reappears With a New Version - Cybersecurity news - Malware and Vulnerabilities
Raccoon Stealer v2 is written in C/C++ using WinApi. The malware downloads legitimate third-party DLLs from its C2 servers. It is believed that the new version was available on Telegram for sale since May 17.

New UnRAR Vulnerability Could Let Attackers Hack Zimbra Webmail Servers

A new security vulnerability has been disclosed in RARlab's UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the binary.

ZuoRAT Malware Hijacking Home-Office Routers to Spy on Targeted Networks

A never-before-seen remote access trojan dubbed ZuoRAT has been singling out small office/home office (SOHO) routers as part of a sophisticated campaign targeting North American and European networks.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags