Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus – OfficialSarkar

Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus – OfficialSarkar

Sep 03, 2024Ravie LakshmananRansomware / Malware A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. “Head Mare uses more up-to-date methods for obtaining initial access,” Kaspersky said in a Monday analysis of the group’s tactics and tools. “For instance, the attackers took…

Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users – OfficialSarkar

Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users – OfficialSarkar

Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante. “This malware family is capable of performing keylogging using the Accessibility Service, and is also able to steal PII from its victims using phishing screens posing as different banks,” Dutch security company ThreatFabric said….

New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access – OfficialSarkar

New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access – OfficialSarkar

Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating system’s permissions-based model, which revolves around the Transparency, Consent, and Control (TCC) framework. “If successful, the adversary could gain any privileges already granted to the affected Microsoft applications,”…

Ex-Engineer Charged in Missouri for Failed $750,000 Bitcoin Extortion Attempt – OfficialSarkar

Ex-Engineer Charged in Missouri for Failed $750,000 Bitcoin Extortion Attempt – OfficialSarkar

Sep 03, 2024Ravie LakshmananInsider Threat / Network Security A 57-year-old man from the U.S. state of Missouri has been arrested in connection with a failed data extortion campaign that targeted his former employer. Daniel Rhyne of Kansas City, Missouri, has been charged with one count of extortion in relation to a threat to cause damage…

RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors – OfficialSarkar

RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors – OfficialSarkar

Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said. The victims span various sectors, including water and wastewater, information technology, government services and facilities, healthcare and public health, emergency services, food and agriculture, financial services, commercial facilities,…

Learn to Boost Cybersecurity with AI-Powered Vulnerability Management – OfficialSarkar

Learn to Boost Cybersecurity with AI-Powered Vulnerability Management – OfficialSarkar

Sep 02, 2024The Hacker NewsVulnerability Management / Webinar The world of cybersecurity is in a constant state of flux. New vulnerabilities emerge daily, and attackers are becoming more sophisticated. In this high-stakes game, security leaders need every advantage they can get. That’s where Artificial Intelligence (AI) comes in. AI isn’t just a buzzword; it’s a…

Next-Generation Attacks, Same Targets – How to Protect Your Users’ Identities – OfficialSarkar

Next-Generation Attacks, Same Targets – How to Protect Your Users’ Identities – OfficialSarkar

Sep 02, 2024The Hacker NewsCybercrime / CISO Insights The FBI and CISA Issue Joint Advisory on New Threats and How to Stop Ransomware Note: on August 29, the FBI and CISA issued a joint advisory as part of their ongoing #StopRansomware effort to help organizations protect against ransomware. The latest advisory, AA24-242A, describes a new…

Malicious npm Packages Mimicking ‘noblox.js’ Compromise Roblox Developers’ Systems – OfficialSarkar

Malicious npm Packages Mimicking ‘noblox.js’ Compromise Roblox Developers’ Systems – OfficialSarkar

Sep 02, 2024Ravie LakshmananSoftware Security / Malware Roblox developers are the target of a persistent campaign that seeks to compromise systems through bogus npm packages, once again underscoring how threat actors continue to exploit the trust in the open-source ecosystem to deliver malware. “By mimicking the popular ‘noblox.js’ library, attackers have published dozens of packages…

North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit – OfficialSarkar

North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit – OfficialSarkar

Aug 31, 2024Ravie LakshmananRootkit / Threat Intelligence A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit. The development is indicative of the persistent efforts made by the nation-state adversary, which had made a…