Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to as StrelaStealer. The campaigns impact more than 100 organizations in the E.U. and the U.S., Palo Alto Networks Unit 42 researchers said in a new report published today. "These campaigns come in the form of spam emails with attachments that … [Read more...] about New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.
attacks
AI’s Expanding Role in Cyber Attacks
Mar 19, 2024NewsroomGenerative AI / Incident Response Large language models (LLMs) powering artificial intelligence (AI) tools today could be exploited to develop self-augmenting malware capable of bypassing YARA rules. "Generative AI can be used to evade string-based YARA rules by augmenting the source code of small malware variants, effectively lowering detection rates," … [Read more...] about AI’s Expanding Role in Cyber Attacks
Hacked WordPress Sites Abusing Visitors’ Browsers for Distributed Brute-Force Attacks
Mar 07, 2024NewsroomVulnerability / Web Security Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The attacks, which take the form of distributed brute-force attacks, "target WordPress websites from the browsers of completely innocent and unsuspecting site visitors," … [Read more...] about Hacked WordPress Sites Abusing Visitors’ Browsers for Distributed Brute-Force Attacks
VoltSchemer: attacks on wireless chargers through the power supply
A group of researchers from the University of Florida has published a study on a type of attack using Qi wireless chargers, which they’ve dubbed VoltSchemer. In the study, they describe in detail how these attacks work, what makes them possible, and what results they’ve achieved. In this post, first we’ll discuss the researchers’ main findings. Then we’ll explore what it all … [Read more...] about VoltSchemer: attacks on wireless chargers through the power supply
New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT
Feb 26, 2024The Hacker NewsSteganography / Malware Ukrainian entities based in Finland have been targeted as part of a malicious campaign distributing a commercial remote access trojan known as Remcos RAT using a malware loader called IDAT Loader. The attack has been attributed to a threat actor tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) under the … [Read more...] about New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT
Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks
Feb 22, 2024NewsroomNetwork Security / Penetration Testing A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities. "SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network," Sysdig researcher Miguel Hernández … [Read more...] about Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks
CrowdStrike Defends Against Azure Cross-Tenant Synchronization Attacks
Azure cross-tenant synchronization (CTS) was made generally available on May 30, 2023, and introduced a new attack surface on Microsoft Entra ID (formerly Azure Active Directory) where attackers can move laterally to a partner tenant or create a backdoor on an existing tenant. CrowdStrike showcases two observed attack paths to outline how adversaries can abuse CTS CrowdStrike … [Read more...] about CrowdStrike Defends Against Azure Cross-Tenant Synchronization Attacks
U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks
Feb 03, 2024NewsroomIntelligence Agency / Cyber Security The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries. The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, … [Read more...] about U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks
Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks
Russian state-sponsored actors have staged NT LAN Manager (NTLM) v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The attacks, attributed to an "aggressive" hacking crew called APT28, have set their eyes on organizations dealing with foreign affairs, energy, defense, and transportation, as well as those … [Read more...] about Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
Jan 18, 2024NewsroomSupply Chain Attacks / AI Security Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks. The misconfigurations could be abused by an attacker to "conduct a supply chain compromise of TensorFlow releases on … [Read more...] about TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks