Windows SmartScreen flaw exploited to drop Phemedrone malware

January 15, 2024 at 01:34PM Phemedrone malware exploits Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass security prompts in Windows. It steals data from web browsers, cryptocurrency wallets, and apps like Discord and Steam. The flaw was fixed in November 2023, but unpatched systems remain at risk. Trend Micro researchers have identified the specific apps and …

Orange Spain Faces BGP Traffic Hijack After RIPE Account Hacked by Malware

January 5, 2024 at 05:27AM On January 3, Orange Spain experienced an internet outage due to a threat actor using stolen admin credentials to manipulate BGP traffic. Personal data was not compromised, but browsing services were affected. The incident was linked to a Raccoon Stealer malware infection on an employee’s system. Security flaws in RIPE’s system …

Pilfered Data From Iranian Insurance and Food Delivery Firms Leaked Online

January 3, 2024 at 02:56PM Cybercriminals broke into 23 leading Iranian insurance firms and SnappFood, dumping millions of user profiles. The data leaked from the insurers included sensitive details. 3TB of SnappFood data, including user profiles, addresses, and credit card records, was leaked. The attacks may be state-sponsored cyber espionage. StealC malware infected a SnappFood employee, potentially …

Several Infostealers Using Persistent Cookies to Hijack Google Accounts

January 3, 2024 at 10:39AM Information stealers are exploiting a Google authentication vulnerability to regenerate cookies and maintain access to accounts, despite password changes. The exploit, involving a MultiLogin endpoint and Chrome tokens, allows attackers to gain persistent access to Google services. The technique has been adopted by multiple infostealers, raising concerns about widespread cyberattacks. …

Rhadamanthys Stealer malware evolves with more powerful features

December 17, 2023 at 04:52PM Two major versions of the Rhadamanthys information-stealing malware have recently been released with added improvements, such as new stealing capabilities, enhanced evasion, and a new plugin system for customization. These updates indicate a shift towards a more modular and customizable framework, making it a more formidable tool for cybercriminals. From the meeting …

New Rhadamanthys stealer version enhances features, evasion

December 17, 2023 at 04:44PM The developers of Rhadamanthys malware have released two major versions, enhancing its information-stealing capabilities. Sold via subscription, it’s distributed through various channels. Check Point’s analysis of version 0.5.0 revealed a new plugin system, improved stub construction, and targeted crypto apps. Version 0.5.1 introduces a new Clipper plugin and other advanced …

DJVU Ransomware’s Latest Variant ‘Xaro’ Disguised as Cracked Software

November 29, 2023 at 01:06AM A new ransomware called Xaro, derived from the DJVU/STOP strain, has been spreading disguised as cracked software. It encrypts files and steals information, demanding $980 in ransom. The malware also installs additional payloads like stealer and loader programs, aiming for double extortion and increased attack success rates. Cybersecurity experts warn …

Ducktail Infostealer, DarkGate RAT Linked to Same Threat Actors

October 20, 2023 at 02:18PM DarkGate, a remote access trojan (RAT), has been linked to the Vietnamese financial cybercrime operation behind the Ducktail infostealer. Researchers have found similarities in the lure documents and targeting used by both malware families. DarkGate is a multifunctional malware that can steal information, distribute malware, and mine cryptocurrency. Understanding connections between …

ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges

October 20, 2023 at 05:57AM ExelaStealer, a new information stealer, has emerged in the crowded world of off-the-shelf malware. It is an open-source infostealer with customizable features, capable of stealing various types of sensitive data from compromised Windows systems. ExelaStealer is sold on cybercrime forums and a dedicated Telegram channel for as low as $20 …