Tag: Cybersecurity

DLL Search Order Hijacking Technique Bypasses Protection

Another way to use legitimate Windows components for illegal purposes is found.

A new DLL (Dynamic Link Library) Search Order Hijacking variant emerged. This method capitalizes on executables in the trusted WinSxS folder of Windows 10 and 11, allowing threat actors to execute malicious code without needing high privileges​​. How Does DLL Search Order Hijacking Work? Researchers detect a novel DLL search order hijacking variant. It leverages… Continue reading DLL Search Order Hijacking Technique Bypasses Protection

Microsoft Disables MSIX App Installer Protocol

Attackers have found a way to exploit a previously patched vulnerability.

Microsoft reportedly disabled MSIX installer protocol in Windows, due to its exploitation in real-world cyberattacks. Hackers found a way to misuse the protocol to install malicious software, bypassing anti-malware software detection. MSIX Installer Protocol Exploited The emergence of a malware kit market, exploiting the MSIX file format and ms-app installer protocol is nothing new. However,… Continue reading Microsoft Disables MSIX App Installer Protocol

Xamalicious Trojan Hits Over 327K Android Devices

Android backdoor, Xamalicious, has been discovered, carrying out various malicious actions on infected devices.

A new Android backdoor, dubbed Xamalicious, was discovered by the researchers at the edge of 2023. This malware exhibits potent capabilities to perform malicious actions on infected devices. Malware reportedly exploits Android’s accessibility permissions to gain access to various sources of user data. What is Xamalicious Malware? As I’ve said in the introduction, Xamalicious is… Continue reading Xamalicious Trojan Hits Over 327K Android Devices

Integris Health Hacked, Patients Receive Ransom Emails

Attackers have taken extortion to the next level and are blackmailing patients at a hacked medical facility.

Integris Health, Oklahoma’s most extensive not-for-profit health network, fell victim to a sophisticated cyberattack, which compromised susceptible patient data. This unfortunate occasion got some really unusual results: patients of Integris Health in Oklahoma started receiving extortion emails. They threaten the sale of their data to other malicious actors if they fail to pay an extortion… Continue reading Integris Health Hacked, Patients Receive Ransom Emails

Carbanak is Back with a New Spreading Tactic

The banking malware Carbanak has been observed being used in ransomware attacks with updated tactics.

The Carbanak cybercrime group, infamous for its banking malware, has resurfaced with new ransomware tactics, marking a significant evolution in their modus operandi. This development, as reported by the NCC Group, reflects Carbanak’s adaptability and increased threat to global cybersecurity Carbanak is Back, Using New Distribution Methods Carbanak’s return is marked by a significant shift… Continue reading Carbanak is Back with a New Spreading Tactic

UAC-0099 Targets Ukrainian Companies With Lonepage Malware

UAC-0099 has been using a critical vulnerability in WinRAR software to spread Lonepage malware.

Ukrainian cyberwarfare sees further action as the UAC-0099 threat actor escalates its cyber espionage campaign against Ukrainian firms. Leveraging a severe vulnerability in the popular WinRAR software, the group orchestrates sophisticated attacks to deploy the Lonepage malware, a VBS malware capable of remote command execution and data theft. UAC-0099 Exploits WinRar Vulnerability In most recent… Continue reading UAC-0099 Targets Ukrainian Companies With Lonepage Malware

FalseFont Malware Targets Defence Contractors Worldwide

Iranian hackers joined the big hacking game with a novice malware sample

The Iranian hacking group APT33 has developed a new malware called FalseFont. They use it to target the Defense Industrial Base worldwide. Microsoft reports the surge in its activity in December, 2023. APT33 targets defense firms with FalseFont malware Researchers recently shed light on a new cyber-espionage campaign. The Iranian APT33 group has been deploying… Continue reading FalseFont Malware Targets Defence Contractors Worldwide

Cryptocurrency Scams on Twitter Exploit Post Features

Cryptocurrency scammers are misusing a Twitter "feature" to promote scams, fake giveaways for stealing cryptocurrency.

Fraudsters are seen to exploit a feature of Twitter publications, misleading users and endangering digital assets. This deceptive strategy hinges on Twitter’s URL structure, which allows hackers to lure folks into various scams. Primarily, such campaigns are used to promote various cryptocurrency scams. Vulnerability in Twitter In-Post Links The exploit involves altering the account name… Continue reading Cryptocurrency Scams on Twitter Exploit Post Features

Comcast’s Xfinity Breach Exposes Data of 35.8 Million Users

Hackers gained access to the sensitive information of nearly 36 million Xfinity customers.

Comcast confirms a massive security breach impacting its Xfinity division. Nearly 36 million customers of the world’s largest telecom provider were exposed as the result of CitrixBleed exploitation. The Breach details and impact on customers The CitrixBleed vulnerability, which resides in widely used Citrix networking devices, has been under mass-exploitation by hackers since at least… Continue reading Comcast’s Xfinity Breach Exposes Data of 35.8 Million Users

Mr. Cooper’s Data Breach Affects Millions

Another major data breach reminds us of the potential consequences of cybersecurity lapses.

Hackers have infiltrated the secure databases of Mr. Cooper, a prominent mortgage and loan company, resulting in a massive data breach. Over 14.6 million customers have been affected, making it one of the most significant breaches in recent times. Mr.Cooper’s Hacked, Huge Amounts of Data Exposed Hackers have breached Mr. Cooper’s databases, impacting 14.6 million… Continue reading Mr. Cooper’s Data Breach Affects Millions