[ad_1] An ongoing Google malvertisement campaign delivers malware installers that leverage KoiVM virtualization technology to evade detection when installing the Formbook data stealer. KoiVM is a plugin for the ConfuserEx .NET protector that obfuscates a program's opcodes so that the…
[ad_1] Nickolas Sharp, a former Ubiquiti employee who led the network device maker's cloud team, today pleaded guilty to stealing gigabytes of files from Ubiquiti's network and attempting to extort his employer while posing as an anonymous hacker and whistleblower.…
[ad_1] Security researchers warn that hackers may start using Microsoft Visual Studio Tools for Office (VSTO) more often as a method to achieve persistence and execute code on a target machine via malicious Office Add-ins. This technique is an alternative…
[ad_1] Microsoft says the KB5021751 update respects user privacy while identifying the number of customers running versions of Office that are outdated or approaching end of support. KB502175 is delivered via Windows Update to devices where the user has already…
[ad_1] A new cyber espionage campaign dubbed "No Pineapple!" was attributed to the North Korean hacking group Lazarus, allowing threat actors to stealthily steal 100 GB of data from the victim without causing destruction. The campaign ran between August and…
[ad_1] Cisco released security updates this week to address a high-severity vulnerability in the Cisco IOx Application Hosting Environment that can be exploited in command injection attacks. The security flaw (CVE-2023-20076) is due to the incomplete sanitization of the parameters…
[ad_1] The LockBit ransomware gang claimed responsibility for the cyberattack against ION Group, a UK-based software company whose products are used by financial institutions, banks and corporations for trading, investment management and market analysis. market. On January 31, 2023, the…
[ad_1] Tens of thousands of QNAP network-attached storage (NAS) devices are waiting to be patched against a critical security flaw patched by the Taiwanese company on Monday. Remote hackers can exploit this SQL injection vulnerability (CVE-2022-27596) to inject malicious code…
[ad_1] A threat actor named InTheBox is promoting an inventory of 1,894 web injections (phishing window overlays) on Russian cybercrime forums to steal credentials and sensitive data from banking apps, cryptocurrency and e-commerce exchange. The overlays are compatible with various…
[ad_1] New stealth malware designed to hunt down vulnerable Redis servers online has infected more than a thousand since September 2021 to create a botnet that mines the Monero cryptocurrency. Discovered by Aqua Security researchers Nitzan Yaakov and Asaf Eitani,…
