Author: Admin
DeceptionAds delivers over 1 million impressions daily across 3,000 sites, fake CAPTCHA pages
December 16, 2024 | Ravi Lakshmanan | Malware / Threat Intelligence
Cybersecurity researchers have shed light on a previously undocumented aspect of ClickFix-style attacks that involve taking advantage of a single ad network service in an ad-driven phishing campaign dubbed DeceptionAds. “This campaign, based entirely on a single ad network for distribution, demonstrates the basic mechanisms of malicious advertising – delivering over 1 million daily ‘ad impressions’ (over the last ten days) and causing thousands of daily victims to lose their accounts and money through a network of 3,000+ content sites that drive traffic” – Nati Tal, Head of Guardio Labs, said in…
NoviSpy spyware is installed on the journalist’s phone after unlocking it with the Cellebrite Tool
December 16, 2024 | Ravi Lakshmanan | Spy Software / Surveillance
The Serbian journalist’s phone was first unlocked by the Cellebrite tool and then hacked by a previously undocumented spyware codenamed NoviSpy, says a new report published by Amnesty International. “NoviSpy allows you to capture sensitive personal data from a target device’s phone after infection and provides the ability to remotely turn on the phone’s microphone or camera,” the organization said in an 87-page technical report. An analysis of forensic evidence indicates that spyware was installed when freelance journalist Slavisa Milanov’s phone was in the hands of Serbian police during his…
As modern software development has evolved, managing CI/CD pipelines has become critical to maintaining agility and compliance. As we enter the age of artificial intelligence (AI), the importance of reliable pipeline management only increases. With that said, we’ll explore the concept of CI/CD pipeline management and why it’s vital, especially as artificial intelligence becomes more prevalent in our software pipelines. What is CI/CD Pipeline Management? CI/CD pipeline management refers to the framework of policies, practices, and controls that oversee the entire software delivery process. This ensures that every step, from code generation to production deployment, meets organizational standards, security protocols,…
New Investment Scam Uses Artificial Intelligence and Social Media Ads to Target Victims Worldwide
December 16, 2024 | Ravi Lakshmanan | Cryptocurrency / Phishing Attack
Cybersecurity researchers are drawing attention to a new type of investment fraud that uses a combination of malicious social media advertising, company-branded messages, and artificial intelligence (AI)-based video recommendations featuring celebrities, ultimately leading to financial and data loss. “The main goal of fraudsters is to lead victims to phishing websites and forms that collect their personal information,” ESET noted in its Threat Report for the second half of 2024 shared with The Hacker News. The Slovak cybersecurity company is tracking the threat as Nomani, a play on the phrase “no money”. It…
December 16, 2024 | Ravi Lakshmanan | Cyber attack / Cyber espionage
The Security Service of Ukraine (SBU or SSU) has exposed a new espionage campaign, suspected of being part of Russia’s Federal Security Service (FSB), which involved the recruitment of Ukrainian minors for criminal activities under the guise of “quest games”. Law enforcement officers said that they detained two FSB agent groups after a special operation in Kharkiv. These groups, according to the agency, consisted exclusively of 15- and 16-year-old children. “Minors performed hostile tasks of conducting reconnaissance, adjusting strikes and arson,” the SBU said in a statement released Friday. “To mask…
December 14, 2024 | Ravi Lakshmanan | Botnet / Ad Fraud
Germany’s Federal Office for Information Security (BSI) has announced that it has foiled a malware operation called BADBOX that was pre-installed on at least 30,000 internet-connected devices sold across the country. In a statement released earlier this week, authorities said they had severed communications between the devices and their command-and-control (C2) servers by seizing the relevant domains. Affected devices include digital photo frames, media players and streamers, and likely phones and tablets. “What all these devices have in common is that they have outdated versions of Android and come with malware pre-installed,” the…
December 14, 2024 | Ravi Lakshmanan | Malware / Cyber threats
Thai government officials have been targeted by a new campaign that uses a technique called DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai. “Based on the nature of the lures, the threat actors targeted Thai officials,” Nikhil Hegde, a senior engineer at Netskope’s security team, told The Hacker News. “The Yokai backdoor itself is unlimited and can be used against any potential target.” The starting point of the attack chain is a RAR archive containing two Windows shortcut files with titles in Thai that translate to “United States Department of Justice.pdf” and “United States…
Over 390,000 WordPress Credentials Stolen Using GitHub Repository Hosting PoC Malicious Exploits
December 13, 2024 | Ravi Lakshmanan | Cyber attack / Malware
It is estimated that a now-removed GitHub repository that advertised a tool for the WordPress online content management system (CMS) allowed more than 390,000 credentials to be stolen. The malicious activity is part of a larger attack campaign launched by a threat actor dubbed MUT-1244 (where MUT refers to “Mysterious Unattributed Threat”) by Datadog Security Labs, which includes phishing and several trojanized GitHub repositories that host proof-of-concept (PoC) code for exploiting known security flaws. “Victims are believed to be attackers, including pentesters and security researchers, as well as malicious threat actors, and had their…
December 13, 2024 | The Hacker News | Linux / Vulnerability
A security flaw was discovered in OpenWrt’s Attended Sysupgrade (ASU) feature that, if successfully exploited, could be used to distribute malicious software packages. The vulnerability, tracked as CVE-2024-54143, has a CVSS score of 9.3 out of a maximum of 10, indicating critical severity. Flatt Security researcher RyotaK is credited with discovering and reporting the flaw on December 4, 2024. The problem was fixed in ASU version 920c8a1. “By combining command injection into the image builder image and the truncated SHA-256 hash included in the build request hash, an attacker can taint a legitimate image by providing a…
Justice Department indicts 14 North Koreans over $88 million IT worker fraud scheme spanning six years
The US Department of Justice (DoJ) has charged 14 nationals of the Democratic People’s Republic of Korea (DPRK or North Korea) for their alleged involvement in an ongoing conspiracy to violate sanctions and commit fraud, money laundering and identity theft by illegally seeking employment in American companies and non-profit organizations. “The conspirators, who worked for the DPRK-controlled companies Yanbian Silverstar and Volasys Silverstar, located in the People’s Republic of China (PRC) and the Russian Federation (Russia), respectively, conspired to use false, stolen, and borrowed identities from the United States and others to conceal their North Korean identities and foreign locate…