News, Tips, Security Lab

New DLL Search Order Hijacking Method Exploited in the Wild

DLL Search Order Hijacking Technique Bypasses Protection

A new DLL (Dynamic Link Library) Search Order Hijacking variant has emerged. This method capitalizes on executables in the trusted WinSxS…

Microsoft Disables MSIX App Installer Protocol

Microsoft reportedly disabled the MSIX installer protocol in Windows due to its exploitation in real-world cyberattacks. Hackers found a way to…

PUABundler:Win32/PiriformBundler

PUABundler:Win32/PiriformBundler is the detection of an unwanted program, developed and issued by Piriform Software. While applications from this developer aren’t…

Novice Rugmi Loader Delivers Various Spyware

The threat landscape meets a new player – Rugmi Loader. This threat specializes in spreading spyware, and is in fact…

Xamalicious Trojan Hits Over 327K Android Devices

A new Android backdoor, dubbed Xamalicious, was discovered by the researchers at the edge of 2023. This malware exhibits potent…

Keygen for Windows 95 from ChatGPT

Blogger Forced ChatGPT to Generate Keys for Windows 95

YouTube user Enderman demonstrated that he was able to force ChatGPT to generate activation keys for Windows 95. Let me remind you that we also wrote that Russian Cybercriminals Seek…

Hack Group Winter Vivern

Russian-Speaking Hack Group Winter Vivern Attacks Governments in Europe and Asia

The Russian-speaking hack group Winter Vivern (aka TA473 in the Proofpoint classification) has been actively exploiting a vulnerability in Zimbra and has been stealing letters from NATO officials, governments, military…

What is APT43?

APT43 Funds Cybercrime With Stolen Crypto

Researchers have identified a new state-backed hacker group in North Korea. The group in question is the North Korean hacker group APT43, which has targeted government organizations in Europe, the…

Aspera Faspex Breach CVE-2022-47986 Is Used To Deploy Ransomware

Ransomware Actors Target IBM’s Aspera Faspex

The file transfer utility Aspera Faspex, developed by IBM, has become a workhorse for cybercriminals. A vulnerability discovered in the past year is exploited to deploy various ransomware samples. Key threat…

3CX Software Falls Victim To Supply Chain Attack

3CX Phone System Is Struck With Supply Chain Attack

3CX Phone System, a desktop app for business phone communication, fell victim to a supply chain attack. Recent updates deliver a forged version of the application that makes it possible…

CFTC Lawsuit Against Binance May Cause Scam Storm

Binance US Ban Scams Incoming: What to Expect?

Recent events around one of the world’s largest cryptocurrency exchanges Binance sound threatening. CFTC, the U.S. regulator of commodity futures trading, charged the company with allegations of violating numerous acts…

aCropalypse vulnerability for Windows

The aCropalypse Vulnerability Poses a Threat Not Only to Pixel, but Also to Windows

Information security experts have discovered that the aCropalypse vulnerability, which allows restoring the original image edited on a Google Pixel device (using the Markup tool), is turning into a 0-day…

Fake ChatGPT Plugin is Spread Through Chrome Web Store

Malicious ChatGPT Add-On Hijacks Facebook Accounts

ChatGPT became a worldwide phenomenon in recent months. The GPT-4 update created even more hype around it, putting it at the top of numerous newsletters. Such an opportunity could not be ignored…

BlackGuard Stealer Extends Crypto Stealing Functionality

BlackGuard Receives Update, Targets More Cryptowallets

BlackGuard, a prolific infostealer malware, received an update at the edge of 2023. The new update introduced advanced data-stealing capabilities and secure connectivity features. The new version also includes a…

Linus Tech Tips Channel Hacked, Spreads Crypto Scam

Linus Tech Tips YouTube Channel Hacked

Linus Tech Tips, a YouTube tech channel with 15 million subscribers, was hacked and then used to spread a cryptocurrency scam. It happened around March 23, 2023, and could have led to massive…

Malicious NuGet Packages

Attackers target .NET Developers with Malicious NuGet Packages

JFrog experts warned that attackers are targeting .NET developers through malicious packages from the NuGet repository and infecting their systems with malware that steals cryptocurrency. Let me remind you that…

Other people's chats in ChatGPT

ChatGPT Users Complained about Seeing Other People’s Chat Histories

Some ChatGPT users have reported on social media that their accounts show other people’s chat histories. Let me remind you that we also wrote that Russian Cybercriminals Seek Access to…