EvilExtractor, a new All-in-One info stealer appeared on the Dark Web

GlobalDefenseBot 24 April

3 minutes

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. Fortinet FortiGuard Labs researchers discovered a new “all-in-one” info stealer for Windows, dubbed EvilExtractor (sometimes spelled Evil Extractor) that is available for sale on dark web cybercrime forums. EvilExtractor is a modular info-stealer, it exfiltrates […]

The post EvilExtractor, a new All-in-One info stealer appeared on the Dark Web appeared first on Security Affairs.

Enterprise-Attacking Malware Toolkit Analyzing 70 Billion DNS Queries Daily

CySecBot 24 April

1 minute

The ‘Decoy Dog’ malware toolkit, aimed at enterprises, was uncovered recently by the security analysts at Infoblox by analyzing 70 billion DNS records and traffic that differs from typical online behavior. Decoy Dog was discovered in early …

Evil Extractor Infostealer Targets Windows In Recent Phishing Campaign

CySecBot 24 April

1 minute

Researchers observed malicious use of a self-claimed educational tool, “Evil Extractor,” for stealing data. They…
Evil Extractor Infostealer Targets Windows In Recent Phishing Campaign on Latest Hacking News | Cyber Security News, Hac…

Study of past cyber attacks can improve organizations’ defense strategies

CySecBot 24 April

1 minute

Ransomware operators have been increasingly launching frequent attacks, demanding higher ransoms, and publicly exposing victims, leading to the emergence of an ecosystem that involves access brokers, ransomware service providers, insurance providers, a…

breaking news

Health insurer Point32Health suffered a ransomware attack

GlobalDefenseBot 24 April

2 minutes

Non-profit health insurer Point32Health suffered a ransomware attack and has taken systems offline in response to the incident. Non-profit health insurer Point32Health has taken systems offline in response to a ransomware attack that took place on April 17. The insurer immediately launched an investigation into the incident with the help of third-party cybersecurity experts to […]

The post Health insurer Point32Health suffered a ransomware attack appeared first on Security Affairs.

breaking news

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

GlobalDefenseBot 23 April

4 minutes

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs […]

The post Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition appeared first on Security Affairs.

breaking news

Abandoned Eval PHP WordPress plugin abused to backdoor websites

GlobalDefenseBot 23 April

3 minutes

Threat actors were observed installing the abandoned Eval PHP plugin on compromised WordPress sites for backdoor deployment. Researchers from Sucuri warned that threat actors are installing the abandoned Eval PHP plugin on compromised WordPress sites for backdoor deployment. The Eval PHP plugin allows PHP code to be inserted into the pages and posts of WordPress […]

The post Abandoned Eval PHP WordPress plugin abused to backdoor websites appeared first on Security Affairs.

ChatGPT Can be Tricked To Write Malware When You Act as a Developer Mode

CySecBot 22 April

1 minute

Japanese cybersecurity experts warn that ChatGPT can be deceived by users who input a prompt to mimic developer mode, leading the AI chatbot to generate code for malicious software. Developers’ security measures to deter unethical and criminal ex…

Accidental ‘write’ Permissions In Alibaba PostgreSQL Let Attackers Access Sensitive Data

CySecBot 22 April

1 minute

Two new critical flaws have been found in Alibaba Cloud’s popular services, ApsaraDB and AnalyticDB. Both of them were in support of PostgreSQL. Wiz security research team has termed this vulnerability as #BrokenSesame. One of these vulnerabilities pe…

AuKill – A Malware That Kills EDR Clients To Attack Windows Systems

CySecBot 22 April

1 minute

A new hacking tool, AuKill, disables Endpoint Detection & Response (EDR) software for threat actors to launch BYOD attacks by deploying backdoors and ransomware on targeted systems. Sophos researchers witnessed the usage of AuKill in two incidents …