Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes – OfficialSarkar

Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes – OfficialSarkar

Nov 14, 2024Ravie LakshmananArtificial Intelligence / Cryptocurrency Google has revealed that bad actors are leveraging techniques like landing page cloaking to conduct scams by impersonating legitimate sites. “Cloaking is specifically designed to prevent moderation systems and teams from reviewing policy-violating content which enables them to deploy the scam directly to users,” Laurie Richardson, VP and…

5 BCDR Oversights That Leave You Exposed to Ransomware – OfficialSarkar

5 BCDR Oversights That Leave You Exposed to Ransomware – OfficialSarkar

Ransomware isn’t just a buzzword; it’s one of the most dreaded challenges businesses face in this increasingly digitized world. Ransomware attacks are not only increasing in frequency but also in sophistication, with new ransomware groups constantly emerging. Their attack methods are evolving rapidly, becoming more dangerous and damaging than ever. Almost all respondents (99.8%) in…

TikTok Pixel Privacy Nightmare: A New Case Study – OfficialSarkar

TikTok Pixel Privacy Nightmare: A New Case Study – OfficialSarkar

Nov 14, 2024The Hacker NewsData Privacy / Compliance Advertising on TikTok is the obvious choice for any company trying to reach a young market, and especially so if it happens to be a travel company, with 44% of American Gen Zs saying they use the platform to plan their vacations. But one online travel marketplace…

New RustyAttr Malware Targets macOS Through Extended Attribute Abuse – OfficialSarkar

New RustyAttr Malware Targets macOS Through Extended Attribute Abuse – OfficialSarkar

Nov 14, 2024Ravie LakshmananCryptojacking / Threat Intelligence Threat actors have been found leveraging a new technique that abuses extended attributes for macOS files to smuggle a new malware called RustyAttr. The Singaporean cybersecurity company has attributed the novel activity with moderate confidence to the infamous North Korea-linked Lazarus Group, citing infrastructure and tactical overlaps observed…

Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails – OfficialSarkar

Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails – OfficialSarkar

Nov 14, 2024Ravie LakshmananMalware / Vulnerability A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine. The vulnerability in question, CVE-2024-43451 (CVSS score: 6.5), refers to an NTLM hash disclosure spoofing vulnerability that could be exploited to…

Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel – OfficialSarkar

Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel – OfficialSarkar

Nov 13, 2024Ravie LakshmananThreat Intelligence / Cyber Espionage A threat actor affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks that exclusively target Israeli entities. The activity, linked to a group called WIRTE, has also targeted the Palestinian Authority, Jordan, Iraq, Saudi Arabia, and Egypt, Check Point said…

Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims – OfficialSarkar

Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims – OfficialSarkar

Romanian cybersecurity company Bitdefender has released a free decryptor to help victims recover data encrypted using the ShrinkLocker ransomware. The decryptor is the result of a comprehensive analysis of ShrinkLocker’s inner workings, allowing the researchers to discover a “specific window of opportunity for data recovery immediately after the removal of protectors from BitLocker-encrypted disks.” ShrinkLocker…

Comprehensive Guide to Building a Strong Browser Security Program – OfficialSarkar

Comprehensive Guide to Building a Strong Browser Security Program – OfficialSarkar

Nov 13, 2024The Hacker NewsBrowser Security / SaaS Security The rise of SaaS and cloud-based work environments has fundamentally altered the cyber risk landscape. With more than 90% of organizational network traffic flowing through browsers and web applications, companies are facing new and serious cybersecurity threats. These include phishing attacks, data leakage, and malicious extensions….

OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution – OfficialSarkar

OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution – OfficialSarkar

Nov 13, 2024Ravie LakshmananCloud Security / Vulnerability A security analysis of the OvrC cloud platform has uncovered 10 vulnerabilities that could be chained to allow potential attackers to execute code remotely on connected devices. “Attackers successfully exploiting these vulnerabilities can access, control, and disrupt devices supported by OvrC; some of those include smart electrical power…

Iranian Hackers Use “Dream Job” Lures to Deploy SnailResin Malware in Aerospace Attacks – OfficialSarkar

Iranian Hackers Use “Dream Job” Lures to Deploy SnailResin Malware in Aerospace Attacks – OfficialSarkar

Nov 13, 2024Ravie LakshmananCyber Espionage / Malware The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group’s playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023. “The campaign distributed the…