By Deeba Ahmed
Bitdefender reports a surge in Stream-Jacking attacks on popular YouTube channels, distributing crypto scams and information stealers such as Redline.
This is a post from HackRead.com Read the original post: Stream-Jacking: Malicious You…
Malicious ads are creeping into chatbots.
The DRM Report Q2 2023 report provides a detailed insight into the ransomware threat landscape during the period between May and August 2023. In an era where digitalization has woven its web into the very fabric of our lives, the dark underbelly of the digital realm continues to pose an ever-growing threat. Ransomware, a menace […]
The post DRM Report Q2 2023 – Ransomware threat landscape appeared first on Security Affairs.
Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023. The BunnyLoader malware loader is written in C/C++ and is sold on various forums for $250 for […]
The post BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums appeared first on Security Affairs.
A critical Zip Slip vulnerability was discovered in the open-source data cleaning and transformation tool ‘OpenRefine’, which allowed attackers to import malicious code and execute arbitrary code. OpenRefine is a strong Java-based, free, open…
Researchers have identified the exfiltration infrastructure of a LockBit affiliate while investigating a LockBit extortion incident that occurred in Q3 2023. Executive Summary NOTE: This version of the report has been redacted for TLP:WHITE disclosure. Introduction Digging into ransomware infections always provides valuable insights. This time, we investigated peculiar details of a recent Lockbit-based intrusion […]
The post Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more) appeared first on Security Affairs.
Researchers from cybersecurity firm TG Soft are warning Italian entities and companies of LockBit 3.0 Black and BlackCat/AlphV attacks. In the last few weeks, two cybercriminal groups that have also targeted Italian entities and businesses, are back in the news; they are LockBit 3.0 Black and BlackCat/AlphV, which had already been reported by the media in the first decade of […]
The post Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV appeared first on Security Affairs.
By Waqas
There are over 17 million developers worldwide who use NPM packages, making it a lucrative target for cybercriminals.
This is a post from HackRead.com Read the original post: FortiGuard Labs Uncovers Series of Malicious NPM Packages Stealing D…
Vulnerabilities carrying high severity scores require urgent attention, and many of this week’s critical vulnerabilities are no exception. A host of zero-day vulnerabilities, several under active attack, will require immediate attention for patching or mitigation. However, as valuable as ratings can be, they don’t tell the whole story. 25-year-old RSA description vulnerabilities defy the CSV […]
The post Weekly Vulnerability Recap – October 2, 2023 – WS_FTP, Exim, Cisco and Other Exploited Vulnerabilities appeared first on eSecurity Planet.
LightSpy malware, responsible for a watering hole attack conducted against iOS users in Hong Kong, has been discovered to be embedded with Android implant Core and its 14 related plugins from 20 active servers for attacking mobile users. LightSpy is a …