Cyware Alerts - Hacker News

New Chaos and Nokoyawa Ransomware Variants Found

New Chaos and Nokoyawa Ransomware Variants Found - Cyware Alerts - Hacker News
Security analysts spotted two new ransomware variants for Nokoyawa and Chaos ransomware, in two separate reports. Chaos' variant named Yashma includes two new improvements: the ability to stop execution on the basis of a victim's location and stop different running processes linked with antivirus a ... Read More

Credit Card Stealers Adopt Advanced Evasion Techniques

Credit Card Stealers Adopt Advanced Evasion Techniques - Cyware Alerts - Hacker News
Microsoft found that scammers are using image files with a hidden malicious PHP script to manipulate e-commerce checkout pages and capture payment card details in their latest attack campaigns. The attackers are obfuscating their code snippets, injecting them into image files, and masquerading as w ... Read More

Windows Exploits Used to Target Infosec Community

Windows Exploits Used to Target Infosec Community - Cyware Alerts - Hacker News
Cyble researchers spotted a malware campaign targeting the infoSec community via a fake PoC exploit code for RPC Runtime RCE flaw. The fake exploit was distributed via GitHub. By attacking the infosec community, attackers are probably trying to gain access to vulnerability research or steal other p ... Read More

Chatbots Used to Steal User Credentials in New Phishing Campaign

Chatbots Used to Steal User Credentials in New Phishing Campaign - Cyware Alerts - Hacker News
A new attack observed by Trustwave starts with a chatbot-like page that attempts to establish communication and trust with the target instead of directly sending an embedded link.

RansomHouse: New Data Extortion Gang

RansomHouse: New Data Extortion Gang - Cyware Alerts - Hacker News
The cybercrime operation states that it does not use any ransomware and focuses on network infiltration by abusing vulnerabilities. The attackers focus primarily on data exfiltration and do not build any encryption modules.

Twisted Panda: Chinese APT Targets Russian Orgs

Twisted Panda: Chinese APT Targets Russian Orgs - Cyware Alerts - Hacker News
The targeted attack, dubbed Twisted Panda, has been going on since at least June 2021 and spied on at least two Russian defense research institutes and another unknown target in Belarus.

Corrupted PyPI Package Opens Backdoors for Different OSes

Corrupted PyPI Package Opens Backdoors for Different OSes - Cyware Alerts - Hacker News
Sonatype warns developers against malicious packages in the PyPI registry that were rooted by cybercriminals to perform supply chain attacks by deploying Cobalt Strike beacons and backdoors on Windows, macOS, and Linux systems. It could provide hackers initial access to the developer's network for ... Read More

New Details About Wizard Spider Emerge

New Details About Wizard Spider Emerge - Cyware Alerts - Hacker News
First detected in 2017, Wizard Spider has come a long way. A recent investigation by Prodaft revealed that the gang is one of the wealthiest ones and its assets exceed hundreds of millions of dollars.

Critical Flaws in Jupiter WordPress Plugin

Critical Flaws in Jupiter WordPress Plugin - Cyware Alerts - Hacker News
WordPress researchers unearthed a set of flaws in the Jupiter Theme and JupiterX Core plugins for the WordPress CMS, including a high-severity flaw that allows a third party to gain administrative privileges and completely take over a live site. Users are recommended to keep their machines up-to-da ... Read More

New Wave of Brute-Force Attacks Target SQL Servers - Microsoft Warns

New Wave of Brute-Force Attacks Target SQL Servers - Microsoft Warns - Cyware Alerts - Hacker News
Microsoft uncovered a malicious campaign targeting SQL servers using a malware dubbed SuspSQLUsage. Attackers leverage a built-in PowerShell binary to achieve persistence on compromised systems. However, for initial compromise, they rely on brute-force tactics. It is recommended to monitor for ... Read More

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags