![]() ![]() The modules can steal credentials, inject malicious JavaScript into websites, plunder user data from different apps and encrypt files for a ransom.ĩ. It expanded its features to steal confidential information from cryptocurrency apps. Xcode project malware now targeting Apple’s M1-based MacsĪ Mac malware campaign targeting Xcode developers has been retooled to add support for Apple’s new M1 chips. The attack works by leveraging searches for business forms such as invoices, templates, questionnaires and receipts as a stepping stone toward infiltrating the systems.Ĩ. Hackers flood the web with pages offering malicious PDFsĬybercriminals are resorting to search engine poisoning techniques to lure business professionals into seemingly legitimate Google sites that install a remote access trojan. After gaining access to the customer list, the threat actors impersonated Celsius Networks in phishing texts and emails that promoted a new Celsius Web Wallet.ħ. Celsius email system breach leads to phishing attackĬryptocurrency rewards platform Celsius Network disclosed a security breach exposing customer information that led to a phishing attack. Cybersecurity and Infrastructure Security Agency on Thursday issued an advisory warning of multiple vulnerabilities in the OpENer EtherNet/IP stack that could expose industrial systems to denial-of-service attacks, data leaks and remote code execution.Ħ. Severe bugs reported in EtherNet/IP stack for industrial systems Researchers have named the malware HackBoss and say that its operators likely stole more than $500,000 from novice hackers that fell for the trick.ĥ. ![]() The authors of a cryptocurrency-stealing malware are distributing it over Telegram to aspiring cybercriminals under the guise of free malicious applications. HackBoss malware poses as hacker tools on Telegram The company learned of the compromise on April 1st but the first signs of this software supply-chain attack occurred in late January.Ĥ. The Codecov online platform for hosted code testing reports and statistics announced that a threat actor modified its Bash Uploader script, exposing sensitive information in customers’ continuous integration environment. Codecov code coverage tool hacked to steal dev credentials While most ransomware operations demand thousands of dollars or more in cryptocurrency, Nitro Ransomware deviates from the norm by demanding a $9.99 Nitro gift code instead.ģ. In a novel approach to ransom demands, a new ransomware calling itself NitroRansomware encrypts files and then demands a Discord Nitro gift code to decrypt files. Discord Nitro gift codes now demanded as ransomware payments The issues affect apps like Telegram, Nextcloud, VLC, LibreOffice, OpenOffice, Bitcoin/Dogecoin Wallets, Wireshark and Mumble.Ģ. Researchers discovered multiple one-click vulnerabilities across a variety of popular software applications, allowing an attacker to potentially execute arbitrary code on target systems. One-click hack found in popular desktop apps ![]() All this, and more, in this week’s edition of Cybersecurity Weekly. The Codecov code coverage tool was hacked to steal dev credentials. Discord Nitro gift codes are now demanded as ransomware payments. A one-click hack was found in popular desktop apps. ![]()
0 Comments
Leave a Reply. |