Tag: cyberattack

New SprySOCKS Linux malware used in cyber espionage attacks

A new Linux backdoor known as "SprySOCKS" was used by a Chinese hacker with a focus on espionage to target government entities in several different nations. Trend Micro's study of the innovative backdoor revealed that it derives from the Trochilus open-source Windows malware, with many of its features adapted to work on Linux systems. The SprySOCKS command and control server (C2) communication protocol is similar to RedLeaves, a Windows backdoor, hence the malware appears to be a mashup of several malware families. The interactive shell's implementation, however, seems to have been inspired by the Linux malware Derusbi...
APT36 state hackers infect Android devices using YouTube app clones

At least three Android apps that resemble YouTube are used by the APT36 hacking gang, also known as "Transparent Tribe," to infect devices with their infamous remote access trojan (RAT), "CapraRAT." Once the malware has been put on a victim's device, it can basically function as a spyware tool by collecting data, recording audio and video, or accessing sensitive communication data. APT36 is a threat actor with ties to Pakistan that is well known for attacking Pakistani human rights advocates, Indian defense and government organizations, and organizations involved in the affairs of the Kashmir region. SentinelLabs, which cautions individuals and groups connected to the military or diplomacy in India and Pakistan to be extremely aware of YouTube Android apps...
Microsoft AI Researchers Accidentally Expose 38 Terabytes of Confidential Data

Microsoft announced on Monday that it has taken action to address a flagrant security blunder that had exposed 38 terabytes of sensitive information. The leak was found on the company's AI GitHub repository, and it's believed to have accidentally become public when a collection of open-source training data was published, according to Wiz. Additionally, it had a disk backup of the workstations of two former workers, which contained over 30,000 internal Teams communications in addition to secrets, keys, and passwords. The repository, known as "robust-models-transfer," is no longer reachable. It provided the raw code and machine learning models...
New AMBERSQUID Cryptojacking Operation Targets Uncommon AWS Services

In order to covertly mine cryptocurrency, a revolutionary cloud-native cryptojacking operation has its sights set on specialized Amazon Web Services (AWS) products like AWS Amplify, AWS Fargate, and Amazon SageMaker. The cloud and container security company Sysdig has given the hostile cyber behavior the codename AMBERSQUID. "The AMBERSQUID operation was able to exploit cloud services without triggering the AWS requirement for approval of more resources, as would be the case if they only spammed EC2 instances," Sysdig security researcher Alessandro Brucato wrote in a study posted with The Hacker News. Targeting numerous services also presents additional difficulties, such as incident response, as it necessitates locating and eliminating all miners in each service that has been ex...
TikTok flooded by ‘Elon Musk’ cryptocurrency giveaway scams

The video-sharing app TikTok is inundated with a wave of fraudulent cryptocurrency giveaways, with almost all of the videos themed around Elon Musk, Tesla, or SpaceX. On social media sites like Twitter and Instagram, threat actors have been producing bogus cryptocurrency giveaways for years. These con games pose as celebrity freebies, bitcoin trades, or—more frequently—as Elon Musk or SpaceX impersonations. The con artists create a large number of websites that look like cryptocurrency exchanges or offer free cryptocurrency in exchange for user registrations. But, as is to be expected, these frauds just steal any cryptocurrency that consumers deposit...
WhatsApp rival Telegram gets Crypto wallet integration

The popular messaging software Telegram has announced an integrated cryptocurrency wallet function that enables users to conveniently access their cryptocurrency holdings. People who have used the @wallet bot in the past will see a new option in their Telegram menu that is just for crypto wallets. The information was disclosed during the TOKEN2049 conference, where the TON Foundation and Telegram made their alliance official. Telegram and the TON Foundation made the following commitments at the conference: With the exception of the US, the @wallet integration will offer a link to almost 800 million Telegram users globally...
Google Agrees to $93 Million Settlement in California’s Location-Privacy Lawsuit

Google has agreed to pay $93 million to resolve claims that its location-privacy practices deceived customers and broke the law, according to a lawsuit brought by the U.S. state of California. "Our investigation revealed that Google was telling its users one thing - that it would no longer track their location once they opted out - but doing the opposite and continuing to track its users' movements for its own commercial gain," said Rob Bonta, the attorney general of California. The case was brought about as a result of revelations that the business tracked users' locations even after making clear that such information wouldn't be saved if the "Location History" setting was disabled...
North Korea’s Lazarus Group Suspected in $31 Million CoinEx Heist

Since June 2023, the Lazarus Group, which has ties to North Korea, has stolen approximately $240 million in cryptocurrencies, a huge increase in its hacking activity. The famed hacker squad is allegedly suspected of stealing $31 million in digital assets from the CoinEx exchange on September 12, 2023, according to numerous reports from Certik, Elliptic, and ZachXBT. The crypto robbery intended for CoinEx is the latest in a succession of recent attacks that also cost $100 million for Atomic Wallet, $37.3 million for CoinsPaid, $60 million for Alphapo, and 41 million for Stake.com. Some of the CoinEx money that was stolen was sent to an address that the Lazarus gang had previously used to launder money from Stake.com...
Fake Cisco Webex Google Ads abuse tracking templates to push malware

Threat actors can construct convincing Webex software search ads that link users to websites that have the BatLoader malware by exploiting a flaw in Google Ads tracking templates. Worldwide enterprises and businesses utilize the video conferencing and contact center software package Webex, which is a component of Cisco's collaboration product line. According to Malwarebytes, the threat actors in the malvertising operation appear to be from Mexico, and it has been active in Google Search for a week. According to Malwarebytes, the top Google Search result for the phrase "webex" displays a malicious Google ad that pretends to be the genuine Webex download portal...
Iranian hackers breach defense orgs in password spray attacks

Since February 2023, Microsoft claims that a threat group with Iranian support has launched password spray assaults against hundreds of companies in the United States and around the world. Additionally, a small number of victims in the pharmaceutical, satellite, and defense industries had their private information stolen by state hackers. The cyberspy organization known as APT33 (also known as Peach Sandstorm, HOLMIUM, or Refined Kitten) has been active since at least 2013, attacking targets in the US, Saudi Arabia, and South Korea. These targets include government, defense, research, finance, and engineering organizations. The Microsoft Threat Intelligence team reported that Peach Sandstorm carried out a wave of password spray assaults between February and July 2023 in an effort...