Cyware Alerts - Hacker News
New Sh1mmer Exploit Allows Root Level Access for ChromeOS
/https://cyware-ent.s3.amazonaws.com/image_bank/d519_shutterstock_1856365084.jpg "New Sh1mmer Exploit Allows Root Level Access for ChromeOS - Cyware Alerts - Hacker News")
A new exploit, dubbed SH1MMER, has been devised to unenroll enterprise- or school-managed Chromebooks from administrative control, letting a user bypass admin restrictions. The exploit uses publicly leaked Return Merchandise Authorization (RMA) shims to modify the management of enrollment of device ... Read More
Threat Actors Abuse Microsoft's Verified Publisher Status
/https://cyware-ent.s3.amazonaws.com/image_bank/c7b5_shutterstock_1137101603.jpg "Threat Actors Abuse Microsoft's Verified Publisher Status - Cyware Alerts - Hacker News")
Security experts at Proofpoint disclosed that cyber adversaries are using malicious OAuth applications to abuse Microsoft's "verified publisher" status. The activity is intended to gain access to the cloud environments of targeted organizations, pilfer data, and also scan through users' mailboxes, ... Read More
BlackCat Ransomware Hits Defence Contractor, Steals Weapons Data
/https://cyware-ent.s3.amazonaws.com/image_bank/da59_shutterstock_1102825994.jpg "BlackCat Ransomware Hits Defence Contractor, Steals Weapons Data - Cyware Alerts - Hacker News")
The BlackCat ransomware group claimed to have breached Solar Industries India and stolen 2 TB worth of data, containing military data related to weapons production. The stolen data includes details about the company’s employees and customers, armament supply chains, and information about the other ... Read More
Godfather Banking Trojan Expands to Infect More European Countries
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_92325316.jpg "Godfather Banking Trojan Expands to Infect More European Countries - Cyware Alerts - Hacker News")
Recently EclecticIQ Threat Research Team spotted samples of Godfather imitating Google Protect apps and fooling users into believing they are protected by an Android service. After successful infection, Godfather obtains the permissions for Accessibility Service and collects the default user a ... Read More
Phishing Page Changes as per User's Email Address
/https://cyware-ent.s3.amazonaws.com/image_bank/8f28_shutterstock_129753254.jpeg "Phishing Page Changes as per User's Email Address - Cyware Alerts - Hacker News")
ASEC stumbled across phishing emails warning users that their accounts would be shut down unless they perform a particular action. Hackers used Google's favicon feature to trick users into revealing their credentials. The account credentials entered on the phishing page were sent to a C2 whose addr ... Read More
Google Ads Now Hijacked to Target Password Manager Users
/https://cyware-ent.s3.amazonaws.com/image_bank/2625_shutterstock_2144742761.jpg "Google Ads Now Hijacked to Target Password Manager Users - Cyware Alerts - Hacker News")
A new malvertising campaign has surfaced that abuses Google Ads to target users searching for password managers and, in fact, directed them to fake sponsored websites. Previously, the FBI had warned about the explosion of such attacks that impersonated websites involved in finances and duped u ... Read More
New GOOTLOADER Variant Evolves Further with New Obfuscation Tricks
/https://cyware-ent.s3.amazonaws.com/image_bank/02c1_shutterstock_667595752.jpg "New GOOTLOADER Variant Evolves Further with New Obfuscation Tricks - Cyware Alerts - Hacker News")
The UNC2565 hacker group appears to have restructured its GOOTLOADER (or Gootkit) malware by adding new components and implementing new obfuscation techniques. Gootkit is used by adversaries to drop additional malicious payloads, such as SunCrypt, REvil (Sodinokibi) ransomware, Kronos trojan, and C ... Read More
Ukraine Targeted via New Waves of Data Wipers, Including SwiftSlicer
/https://cyware-ent.s3.amazonaws.com/image_bank/870f_shutterstock_1954309246.jpg "Ukraine Targeted via New Waves of Data Wipers, Including SwiftSlicer - Cyware Alerts - Hacker News")
A lot has happened on the cyber front in Ukraine and Russia ever since the war began. Joining the bandwagon, on the behalf of Russian Sandworm APT, is a pack of five wiper malware, including the new Golang-based SwiftSlicer. The new wiper has been added to the VirusTotal database recently (sub ... Read More
Iranian and Russian Groups Target Organizations - Warns NCSC
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_449461888.jpg "Iranian and Russian Groups Target Organizations - Warns NCSC - Cyware Alerts - Hacker News")
The NCSC-U.K warned against ongoing spear-phishing campaigns against government entities, NGOs, think tanks, academia, and others, by Russia-based SEABORGIUM and Iran-based TA453 threat actors. SEABORGIUM and TA453 spend time researching their targets' interests and contacts to create a convin ... Read More
Cybercriminals Impersonate LockBit to Target SMBs in Northern Europe
/https://cyware-ent.s3.amazonaws.com/image_bank/90c6_shutterstock_2115048653.jpg "Cybercriminals Impersonate LockBit to Target SMBs in Northern Europe - Cyware Alerts - Hacker News")
In the wake of a significant rise in ransomware attacks, especially by the Lockbit locker group, a cybercriminals group was spotted targeting SMBs in Belgium and extorting by impersonating Lockbit. The incident highlights the threat of outdated software and systems, as extortion practices beco ... Read More
Defend Against Threats with Cyber Fusion
Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.
Learn More
Trending Tags
