Malware Attackers Using MacroPack to Deliver Havoc, Brute Ratel, and PhantomCore – OfficialSarkar

Sep 05, 2024Ravie LakshmananCyber Threat / Malware Threat actors are likely employing a tool designated for red teaming exercises to serve malware, according to new findings from Cisco Talos. The program in question is a payload generation framework called MacroPack, which is used to generate Office documents, Visual Basic scripts, Windows shortcuts, and other formats…

New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm – OfficialSarkar

Sep 05, 2024Ravie LakshmananCyber Attack / Malware The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China. The previously unreported malware is written in Golang, and thus is a cross-platform weapon capable of targeting…

Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks – OfficialSarkar

Sep 05, 2024Ravie Lakshmanan Cisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information. A brief description of the two vulnerabilities is below – CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user…

North Korean Hackers Target Job Seekers with Fake FreeConference App – OfficialSarkar

North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part of an ongoing financially-driven campaign dubbed Contagious Interview. The new attack wave, spotted by Singaporean company Group-IB in mid-August 2024, is yet another indication that the activity is also leveraging native installers for Windows and…

Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers – OfficialSarkar

Sep 04, 2024Ravie LakshmananVulnerability / Network Security Zyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions that could result in the execution of unauthorized commands. Tracked as CVE-2024-7261 (CVSS score: 9.8), the vulnerability has been described as a case of operating system (OS) command…

Google Confirms CVE-2024-32896 Exploited in the Wild, Releases Android Security Patch – OfficialSarkar

Sep 04, 2024Ravie LakshmananVulnerability / Mobile Security Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-32896 (CVSS score: 7.8), relates to a case of privilege escalation in the Android…

Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers – OfficialSarkar

Sep 04, 2024Ravie Lakshmanan A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate downstream organizations. It has been codenamed Revival Hijack by software supply chain security firm JFrog, which said the attack method could be used to hijack 22,000 existing…

The New Effective Way to Prevent Account Takeovers – OfficialSarkar

Sep 04, 2024The Hacker NewsSaaS Security / Browser Security Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite significant investments in traditional security measures, many organizations continue to struggle with preventing these attacks. A new report, “Why Account Takeover Attacks Still Succeed, and Why…

Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database – OfficialSarkar

Sep 04, 2024Ravie LakshmananGDPR / Privacy The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection Regulation (GDPR) in the European Union (E.U.) by building an “illegal database with billions of photos of faces,” including those of…

Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack – OfficialSarkar

Sep 04, 2024Ravie LakshmananMalware / Network Security A new malware campaign is spoofing Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign. The malvertising activity, observed in June 2024, is a departure from previously observed tactics wherein the malware…