Software Productivity Tools Hijacked to Deliver Infostealers

July 4, 2024 at 09:10AM Conceptworld Corporation, an India-based software company, was found to be distributing information-stealing malware with its software products. Researchers from Rapid7 discovered that the installation packages of their tools, Notezilla, RecentX, and Copywhiz, had been Trojanized. Despite replacing the malicious installers, users were unknowingly exposed to the dllFake malware, capable of …

Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers

June 4, 2024 at 07:06AM Snowflake, in collaboration with CrowdStrike and Mandiant, has reported a targeted campaign against a limited number of its customers. The company recommends enabling multi-factor authentication and limiting network traffic to trusted locations to prevent unauthorized access. U.S. CISA and ACSC issued alerts, and it’s advised to look for signs of …

Fake Facebook MidJourney AI page promoted malware to 1.2 million people

April 5, 2024 at 12:50PM Hackers are using hijacked Facebook pages and advertisements to promote fake AI services, infecting users with password-stealing malware. The malvertising campaigns trick users into fraudulent Facebook communities, then entice them to download malicious executables. The stolen data is sold on the dark web or used for further scams. These sophisticated …

Google password resets not enough to stop these info-stealing malware strains

January 2, 2024 at 03:06PM Info-stealing malware can still access compromised Google accounts even after passwords are changed, due to a zero-day exploit first mentioned by the cybercriminal “PRISMA.” The exploit involves regenerating session tokens to access emails and cloud storage. CloudSEK identified the exploit in the undocumented Google OAuth endpoint “MultiLogin.” The discovery reveals …

Atomic Stealer malware strikes macOS via fake browser updates

November 25, 2023 at 05:08PM The ‘ClearFake’ campaign, initially targeting Windows users with fake Chrome update prompts, has now expanded to Macs. The campaign utilizes Atomic Stealer (AMOS) malware to infect macOS computers. The malware disguises itself as a Safari update and attempts to steal sensitive information such as passwords, credit card details, and cryptocurrency …

Over 40,000 admin portal accounts use ‘admin’ as a password

October 17, 2023 at 05:54PM IT administrators are using weak passwords to protect access to portals, leaving enterprise networks vulnerable to cyberattacks. Over 40,000 administrator credentials analyzed had the default password “admin,” showing a lack of strong authentication. Researchers warn that threat actors are targeting privileged users. To defend networks, strong and unique passwords should …