Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia https://firewall.firm.in/wp-content/uploads/2024/11/hacking.png Nov 15, 2024Ravie LakshmananMalware / Credential Theft A Vietnamese-speaking threat actor has been linked to an information-stealing campaign targeting government and education entities in Europe and Asia with a new Python-based malware called PXA Stealer. The malware “targets victims’ sensitive information, including credentials for various online accounts, VPN ...

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables https://firewall.firm.in/wp-content/uploads/2024/11/pistgresql.png Nov 15, 2024Ravie LakshmananVulnerability / Database Security Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and potentially lead to code execution or information disclosure. The vulnerability, tracked as CVE-2024-10979, carries a CVSS score of ...

New RustyAttr Malware Targets macOS Through Extended Attribute Abuse https://firewall.firm.in/wp-content/uploads/2024/11/gib.png Nov 14, 2024Ravie LakshmananCryptojacking / Threat Intelligence Threat actors have been found leveraging a new technique that abuses extended attributes for macOS files to smuggle a new malware called RustyAttr. The Singaporean cybersecurity company has attributed the novel activity with moderate confidence to the infamous North Korea-linked Lazarus Group, citing ...

TikTok Pixel Privacy Nightmare: A New Case Study https://firewall.firm.in/wp-content/uploads/2024/11/tiktok.png Nov 14, 2024The Hacker NewsData Privacy / Compliance Advertising on TikTok is the obvious choice for any company trying to reach a young market, and especially so if it happens to be a travel company, with 44% of American Gen Zs saying they use the platform to plan their vacations. But ...

5 BCDR Oversights That Leave You Exposed to Ransomware https://firewall.firm.in/wp-content/uploads/2024/11/main.png Ransomware isn’t just a buzzword; it’s one of the most dreaded challenges businesses face in this increasingly digitized world. Ransomware attacks are not only increasing in frequency but also in sophistication, with new ransomware groups constantly emerging. Their attack methods are evolving rapidly, becoming more dangerous and damaging than ever. ...

Experts Uncover 70,000 Hijacked Domains in Widespread ‘Sitting Ducks’ Attack Scheme https://firewall.firm.in/wp-content/uploads/2024/11/domain.png Multiple threat actors have been found taking advantage of an attack technique called Sitting Ducks to hijack legitimate domains for using them in phishing attacks and investment fraud schemes for years. The findings come from Infoblox, which said it identified nearly 800,000 vulnerable registered domains over the past ...

Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes https://firewall.firm.in/wp-content/uploads/2024/11/scams.png Nov 14, 2024Ravie LakshmananArtificial Intelligence / Cryptocurrency Google has revealed that bad actors are leveraging techniques like landing page cloaking to conduct scams by impersonating legitimate sites. “Cloaking is specifically designed to prevent moderation systems and teams from reviewing policy-violating content which enables them to deploy the scam ...

Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails https://firewall.firm.in/wp-content/uploads/2024/11/attack.png Nov 14, 2024Ravie LakshmananMalware / Vulnerability A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine. The vulnerability in question, CVE-2024-43451 (CVSS score: 6.5), refers to an NTLM ...

Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims https://firewall.firm.in/wp-content/uploads/2024/11/ransomware.png Romanian cybersecurity company Bitdefender has released a free decryptor to help victims recover data encrypted using the ShrinkLocker ransomware. The decryptor is the result of a comprehensive analysis of ShrinkLocker’s inner workings, allowing the researchers to discover a “specific window of opportunity for data recovery immediately after the removal of protectors ...

Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel https://firewall.firm.in/wp-content/uploads/2024/11/cyberattacks.png Nov 13, 2024Ravie LakshmananThreat Intelligence / Cyber Espionage A threat actor affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks that exclusively target Israeli entities. The activity, linked to a group called WIRTE, has also targeted the Palestinian Authority, Jordan, Iraq, Saudi ...