Accountability, Information Security and Malware

Who’s to Blame for Hacked Social Media Accounts, Spoofed Online Meeting Requests and Malware

Security Boulevard

MARCH 10, 2024

In episode 320, Tom and Scott discuss the contentious issue of who is accountable when Facebook or Instagram accounts are hacked, discussing potential failings on both the user’s and Meta’s part.

Media

Media Accountability Hacking Malware

YouTube creators’ accounts hijacked with cookie-stealing malware

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Accountability

Accountability Malware Phishing Social Engineering

Information Security News headlines trending on Google

CyberSecurity Insiders

MAY 4, 2023

Meta, the parent company of Facebook, Instagram, and WhatsApp, released a press statement yesterday that its cybersecurity teams have disrupted a malware spread campaign that was discovered to be spreading malware like Ducktail and the newly identified NodeStealer.

Information Security

Information Security Healthcare Social Engineering Ransomware

Brokewell Android malware supports an extensive set of Device Takeover capabilities

Security Affairs

APRIL 27, 2024

ThreatFabric researchers identified a new Android malware called Brokewell, which implements a wide range of device takeover capabilities. ThreatFabric researchers uncovered a new mobile malware named Brokewell, which is equipped with sophisticated device takeover features. ” reads the report published by ThreatFabric.

Malware

Malware Spyware Authentication Mobile

The Have I Been Pwned service now includes 441K accounts stolen by RedLine malware

Security Affairs

DECEMBER 31, 2021

The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The Have I Been Pwned data breach notification service now allows victims of the RedLine malware to check if their credentials have been stolen. SecurityAffairs – hacking, malware).

Accountability

Accountability Malware Data breaches Passwords

Crooks manipulate GitHub’s search results to distribute malware

Security Affairs

APRIL 13, 2024

Researchers warn threat actors are manipulating GitHub search results to target developers with persistent malware. Checkmarx researchers reported that t hreat actors are manipulating GitHub search results to deliver persistent malware to developers systems. csproj or.vcxproj), it is automatically executed when the project is built.

Malware

Malware Cryptocurrency Encryption Hacking

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware

Malware Ransomware Banking Healthcare

Malware exploits undocumented Google OAuth endpoint to regenerate Google cookies

Security Affairs

JANUARY 1, 2024

The MultiLogin endpoint endpoint is an internal mechanism that allows the synchronization of Google accounts across services. This endpoint receives a vector containing account IDs and auth-login tokens for efficiently handling concurrent sessions or seamlessly transitioning between user profiles. ” continues the report.

Malware

Malware Penetration Testing Passwords Encryption

NodeStealer 2.0 takes over Facebook Business accounts and targets crypto wallets

Security Affairs

AUGUST 1, 2023

Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets. The malicious code was designed to take over Facebook business accounts and steal funds from cryptocurrency wallets. environment. The author used Node.js

Accountability

Accountability Cryptocurrency Malware Phishing

DarkGate malware campaign abuses Skype and Teams

Security Affairs

OCTOBER 16, 2023

Researchers uncovered an ongoing campaign abusing popular messaging platforms Skype and Teams to distribute the DarkGate malware. The threat actors abused popular messaging platforms such as Skype and Teams to deliver a script used as a loader for a second-stage payload, which was an AutoIT script containing the DarkGate malware.

Malware

Malware Cryptocurrency Accountability Cybercrime

LockBit ransomware gang claims to have breached accountancy firm Xeinadin

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. Account balances. Client legal information. Customer financials.

Accountability

Accountability Ransomware Data breaches Hacking

Hackers are taking advantage of the interest in generative AI to install Malware

Security Affairs

MAY 3, 2023

Threat actors are using the promise of generative AI like ChatGPT to deliver malware, Facebook parent Meta warned. Threat actors are taking advantage of the huge interest in generative AI like ChatGPT to trick victims into installing malware, Meta warns. ” reads the Meta’s Q1 2023 Security Reports.

Malware

Malware Education Accountability Media

Hacker hijacked Orange Spain RIPE account causing internet outage to company customers

Security Affairs

JANUARY 4, 2024

An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage. I have fixed your RIPE admin account security.

Internet

Internet Internet Accountability Passwords

Google enhances malware protection for accounts enrolled in Advanced Protection Program (APP)

Security Affairs

OCTOBER 10, 2020

Google improves malware protection for Google Chrome users who are covered by the company’s Advanced Protection Program (APP). The Advanced Protection Program aims at protecting users with high visibility and sensitive information (i.e. Google announced an improved malware protection. continues the post. ” . .

Accountability

Accountability Malware Phishing Advertising

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks. The vulnerability is a Microsoft Outlook spoofing vulnerability that can lead to an authentication bypass.

Accountability

Accountability Government Phishing Authentication

The World of Scambaiting, Preventing Social Media Account Takeovers, Network Wrenches Hacked

Security Boulevard

JANUARY 21, 2024

Then they switch to the best practices to prevent social media account takeovers, highlighting […] The post The World of Scambaiting, Preventing Social Media Account Takeovers, Network Wrenches Hacked appeared first on Shared Security Podcast.

Media

Media Accountability Hacking Scams

FlyTrap, a new Android Trojan compromised thousands of Facebook accounts

Security Affairs

AUGUST 9, 2021

Experts spotted a new Android trojan, dubbed FlyTrap, that compromised Facebook accounts of over 10,000 users in at least 144 countries since March 2021. Zimperium’s zLabs researchers spotted a new Android trojan, dubbed FlyTrap , that already compromised Facebook accounts of over 10,000 users in at least 144 countries since March 2021.

Accountability

Accountability Social Engineering Media Malware

PyPI enforces 2FA authentication to prevent maintainers’ account takeover

Security Affairs

MAY 30, 2023

Threat actors have been updating various packages with versions containing malware. The adoption of 2FA aims at protecting maintainers’ account takeover as explained in the official announcement. ” reads the announcement. In addition, we may begin selecting certain users or projects for early enforcement.”

Authentication

Authentication Accountability Hacking Malware

Russia-linked APT28 used new malware in a recent phishing campaign

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks. file classified as MASEPIE.

Phishing

Phishing Malware Computers and Electronics Internet

Remcos RAT campaign targets US accounting and tax return preparation firms

Security Affairs

APRIL 16, 2023

Microsoft warns of a new Remcos RAT campaign targeting US accounting and tax return preparation firms ahead of Tax Day. Tax Day, Microsoft has observed a new Remcos RAT campaign targeting US accounting and tax return preparation firms. Ahead of the U.S. The phishing attacks began in February 2023, the IT giant reported.

Accountability

Accountability Phishing Financial Services Surveillance

WikiLoader malware-as-a-service targets Italian organizations

Security Affairs

AUGUST 1, 2023

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. Thus, user interaction is required to begin the malware installation.”

Malware

Malware Phishing Banking Hacking

New shc Linux Malware used to deploy CoinMiner

Security Affairs

JANUARY 4, 2023

Researchers discovered a new Linux malware developed with the shell script compiler ( shc ) that was used to deliver a cryptocurrency miner. The ASEC analysis team recently discovered that a Linux malware developed with shell script compiler ( shc ) that threat actors used to install a CoinMiner. ” concludes the report.

Malware

Malware DDOS Cryptocurrency Firewall

Rogue ChatGPT extension FakeGPT hijacked Facebook accounts

Security Affairs

MARCH 22, 2023

A tainted version of the legitimate ChatGPT extension for Chrome, designed to steal Facebook accounts, has thousands of downloads. Guardio ’s security team uncovered a new variant of a malicious Chat-GPT Chrome Extension that was already downloaded by thousands a day. Left: The “FakeGPT” Variant on Chrome Store.

Accountability

Accountability Encryption Hacking Cybercrime

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

The Last Watchdog

MAY 15, 2023

The physical safety of things like airbags, rearview mirrors, and brakes is well accounted for; yet cybersecurity auto safety concerns are rising to the fore. Funso Richard , Information Security Officer at Ensemble , highlighted the gravity of these threats.

Malware

Malware Manufacturing IoT Software

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs

JANUARY 31, 2024

In early January 2024, software firm Ivanti reported that threat actors were exploiting two zero-day vulnerabilities ( CVE-2023-46805, CVE-2024-21887 ) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. x and Ivanti Policy Secure. The flaw CVE-2023-46805 (CVSS score 8.2)

VPN

VPN Malware Authentication Small Business

Ukraine: SSU dismantled cyber gang that stole 30 million accounts

Security Affairs

SEPTEMBER 24, 2022

The cyber department of Ukraine ‘s Security Service (SSU) dismantled a gang that stole accounts of about 30 million individuals. The cyber department of Ukraine ‘s Security Service (SSU) has taken down a group of hackers that is behind the theft of about 30 million individuals. ” concludes the SSU.

Accountability

Accountability Computers and Electronics Hacking Mobile

Earth Lusca expands its arsenal with SprySOCKS Linux malware

Security Affairs

SEPTEMBER 19, 2023

China-linked threat actor Earth Lusca used a new Linux malware dubbed SprySOCKS in a recent cyber espionage campaign. The experts noticed that the threat actors have rewritten many functions of the malware to run on Linux systems. Additional analysis led to the discovery of a previously unknown Linux backdoor tracked as SprySOCKS.

Malware

Malware Encryption Telecommunications Authentication

Xenomorph malware is back after months of hiatus and expands the list of targets

Security Affairs

SEPTEMBER 26, 2023

A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. that was significantly improved.

Malware

Malware Banking Phishing Engineering

Alleged FruitFly malware creator ruled incompetent to stand trial

Malwarebytes

JANUARY 16, 2024

The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. Together, CWRU and the FBI were able to identify that an IP address with which the malware was communicating had also been used to access the alumni email account of a man called Phillip Durachinsky.

Malware

Malware Passwords Identity Theft Data collection

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. ” continues the analysis.

Malware

Malware Cryptocurrency Advertising Accountability

Ukraine warns of attacks aimed at taking over Telegram accounts

Security Affairs

APRIL 6, 2022

Ukraine’s technical security and intelligence service warns of threat actors targeting aimed at gaining access to users’ Telegram accounts. State Service of Special Communication and Information Protection (SSSCIP) of Ukraine spotted a new wave of cyber attacks aimed at gaining access to users’ Telegram accounts.

Accountability

Accountability Phishing Passwords Hacking

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software.

Malware

Malware Cybercrime Banking Hacking

Threat actors leverage Microsoft Teams to spread malware

Security Affairs

FEBRUARY 17, 2022

Attackers compromise Microsoft Teams accounts to attach malicious executables to chat and spread them to participants in the conversation. Starting in January 2022, security researchers from Avanan observed attackers compromising Microsoft Teams accounts attach malicious executables to chat and infect participants in the conversation.

Malware

Malware Phishing Accountability Data breaches

North Korea-linked SharpTongue spies on email accounts with a malicious browser extension

Security Affairs

JULY 31, 2022

North Korea-linked threat actor SharpTongue is using a malicious extension on Chromium-based web browsers to spy on victims’ email accounts. North Korea-linked actor SharpTongue has been using a malicious extension on Chromium-based web browsers to spy on victims’ Gmail and AOL email accounts. In the last 12 months.

Accountability

Accountability Malware Passwords Hacking

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware

Malware Software Technology Accountability

New Linux malware targets WordPress sites by exploiting 30 bugs

Security Affairs

DECEMBER 30, 2022

A new Linux malware has been exploiting 30 vulnerabilities in outdated WordPress plugins and themes to deploy malicious JavaScripts. Doctor Web researchers discovered a Linux malware, tracked as Linux.BackDoor.WordPressExploit.1, SecurityAffairs – hacking, Lunix Malware). FV Flowplayer Video Player. WooCommerce.

Malware

Malware Hacking Accountability Phishing

New Lobshot hVNC malware spreads via Google ads

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Researchers from Elastic Security Labs spotted a new remote access trojan dubbed LOBSHOT was being distributed through Google Ads. ” reads the report published by Elastic Security Labs.

Malware

Malware Cybercrime Banking Software

Box flaw allowed to bypass MFA and takeover accounts

Security Affairs

JANUARY 19, 2022

A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed threat actors to take over accounts. A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed attackers to take over accounts without having access to the victim’s phone, Varonis researchers reported.

Accountability

Accountability Authentication Passwords Data breaches

YTStealer info-stealing malware targets YouTube content creators

Security Affairs

JUNE 29, 2022

Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new information-stealing malware, dubbed YTStealer, that was developed to steal authentication cookies from YouTube content creators.

Malware

Malware Authentication Software Accountability

Info stealers and how to protect against them

Security Affairs

DECEMBER 18, 2023

Info stealers, the type of malware with its purpose in the name, can cripple businesses and everyday users alike. Info stealers, also known as information stealers, are a type of malicious software (malware) designed to covertly collect sensitive and personal information from a victim’s computer or network.

Banking

Banking Cybercrime Malware Accountability

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Security Affairs

MAY 1, 2023

Iranian authorities have been spotted using the BouldSpy Android malware to spy on minorities and traffickers. The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity. continues the report.

Surveillance

Surveillance Malware Spyware Education

GoDaddy discloses a data breach, web hosting account credentials exposed

Security Affairs

MAY 5, 2020

GoDaddy has been notifying its customers of a data breach, threat actors might have compromised their web hosting account credentials. GoDaddy has been notifying its customers of a data breach, attackers might have compromised users’ web hosting account credentials. ” reads the data breach notice submitted by the company.

Data breaches

Data breaches Accountability Advertising Internet

This Week in Malware – 450 Packages and a Phishing Campaign Against PyPI Maintainers

Security Boulevard

AUGUST 26, 2022

This week in malware we discovered and analyzed 450 packages flagged as malicious, suspicious, or dependency confusion attacks. Also, this week a phishing email campaign targeted PyPI maintainers in attempts to compromise accounts and inject malware into the registry’s packages.

Phishing

Phishing Malware Accountability Information Security

TikTok fixed security issues that could have led one-click account takeover

Security Affairs

NOVEMBER 23, 2020

TikTok has addressed a couple of security issues that could have been chained to led account takeover. . The first issue addressed by the social media platform is a reflected XSS security flaw that has been reported by the bug bounty hunter Muhammed “ milly ” Taskiran via the bug bounty platform HackerOne.

Accountability

Accountability Passwords Media Malware

Who’s to Blame for Hacked Social Media Accounts, Spoofed Online Meeting Requests and Malware

YouTube creators’ accounts hijacked with cookie-stealing malware

Trending Sources

Information Security News headlines trending on Google

Brokewell Android malware supports an extensive set of Device Takeover capabilities

The Have I Been Pwned service now includes 441K accounts stolen by RedLine malware

Crooks manipulate GitHub’s search results to distribute malware

Carbanak malware returned in ransomware attacks

Malware exploits undocumented Google OAuth endpoint to regenerate Google cookies

NodeStealer 2.0 takes over Facebook Business accounts and targets crypto wallets

DarkGate malware campaign abuses Skype and Teams

LockBit ransomware gang claims to have breached accountancy firm Xeinadin

Hackers are taking advantage of the interest in generative AI to install Malware

Hacker hijacked Orange Spain RIPE account causing internet outage to company customers

Google enhances malware protection for accounts enrolled in Advanced Protection Program (APP)

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

The World of Scambaiting, Preventing Social Media Account Takeovers, Network Wrenches Hacked

FlyTrap, a new Android Trojan compromised thousands of Facebook accounts

PyPI enforces 2FA authentication to prevent maintainers’ account takeover

Russia-linked APT28 used new malware in a recent phishing campaign

Remcos RAT campaign targets US accounting and tax return preparation firms

WikiLoader malware-as-a-service targets Italian organizations

New shc Linux Malware used to deploy CoinMiner

Rogue ChatGPT extension FakeGPT hijacked Facebook accounts

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Ukraine: SSU dismantled cyber gang that stole 30 million accounts

Earth Lusca expands its arsenal with SprySOCKS Linux malware

Xenomorph malware is back after months of hiatus and expands the list of targets

Alleged FruitFly malware creator ruled incompetent to stand trial

New MrbMiner malware infected thousands of MSSQL DBs

Ukraine warns of attacks aimed at taking over Telegram accounts

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Threat actors leverage Microsoft Teams to spread malware

North Korea-linked SharpTongue spies on email accounts with a malicious browser extension

3CX Breach Was a Double Supply Chain Compromise

New Linux malware targets WordPress sites by exploiting 30 bugs

New Lobshot hVNC malware spreads via Google ads

Box flaw allowed to bypass MFA and takeover accounts

YTStealer info-stealing malware targets YouTube content creators

Info stealers and how to protect against them

Iranian govt uses BouldSpy Android malware for internal surveillance operations

GoDaddy discloses a data breach, web hosting account credentials exposed

This Week in Malware – 450 Packages and a Phishing Campaign Against PyPI Maintainers

TikTok fixed security issues that could have led one-click account takeover

Stay Connected