Third Party Risk Assessment

Roblox gaming platform leveraged by threat actors to sell decryptors

A new ransomware operation has been found with a unique method of selling its decryptors: through Roblox, a gaming platform with its own in-game currency, Robux. Roblox is a game designed for kids, and one of its features is that it allows its members to develop their own games and monetise them by selling ‘Game Passes.’...

Elasticsearch databases get compromised through ransom notes

Malicious threat groups have targeted more than a hundred Elasticsearch databases and substituted nearly 500 indexes with ransom notes in their recent cybercriminal activities. The ransom demands reached about $280,000, and each request was approximately $600. According to a researcher, they have observed cybercriminals receiving payments through a Bitcoin wallet address. They also noted that...

Fake Android VPN apps used by the SideWinder APT to target Pakistan

The SideWinder APT group has included a new custom tool for malware strains in phishing attacks distributed to Pakistani organisations. The phishing links are attached to emails impersonating legitimate notifications and services of government departments and organisations in Pakistan. SideWinder, an advanced persistent threat group that has been active since 2012, primarily focuses on attacking...

Experts have seen a spike in the use of the BAS framework for attacks

Researchers have published a report regarding the increased utilisation of the Browser Automation Studio or BAS framework developed by Bablosoft, which threat actors actively use for its free-to-use browser functionality. The framework contains several functions that threat actors can utilise for illegal activities. It is a Windows-only automation environment used for different capabilities in browser-related...

Horde Webmail flaw can allow hackers to gain control by sending an email

A security flaw has been newly discovered in the open-source Horde Webmail client, which hackers can exploit to gain control and perform remote code execution (RCE) on the email server by sending a malicious email to a victim. According to researchers, if the victim views the malicious email, the adversary can elusively take complete...

Cybercriminals apply probability theory to obfuscate the XLoader botnet

A new version of the XLoader botnet has been found using probability theory in obfuscating its command-and-control (C2) servers to become more resistant to being disrupted by security analysts. The method used by the botnet’s operators allows them to remain on the same infrastructure without losing nodes while also evading detection. Being initially based on...

All types of web browsers targeted by the ChromeLoader hijacker

The ChromeLoader browser hijacker has been increasingly active in attacking several browsers this month. A constant increase in the volume of attacks has been detected since the year started. The hijacker alters victims’ web browser settings to display search results featuring unwanted software, adult games, explicit content, fake giveaways and dating websites. Its operators receive...

Third-party JavaScripts on sites pose attack risks to organisations

Researchers have recently found that websites have a high chance of being exposed to third-party JavaScript, with the further concern that threat actors have an easy way to exploit it to inject malicious code into the sites. Normally, a webpage loads a third-party script into the browser from an external server that...

Python backdoor can be opened by compromised PyPI on several OS

Researchers have discovered a malicious Python backdoor in the PyPI registry that is part of a supply chain attack. These newly discovered attacks aim to deploy backdoors and Cobalt Strike beacons on different operating systems, such as Windows, Linux, and macOS. The threat actors published a malicious package named ‘pymafka’ on PyPI. The name is...

Analysts discovered DuckDuckGo allowing Microsoft to track users

The popular search engine DuckDuckGo, which has claimed maximum browsing privacy for its users, reportedly allows Microsoft trackers on third-party websites. The report stems from an agreement between the two tech firms over their syndicated search content contract. DuckDuckGo had long assured its users of a private browsing experience, including not allowing trackers to...