5 Must-Have Tools for Effective Dynamic Malware Analysis
Dynamic malware analysis is a key part of any threat investigation. It involves executing a sample of a malicious program in the isolated environment of a malware sandbox to monitor its behavior and gather actionable indicators. Effective analysis must be…
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data
Oct 02, 2024 | The Hacker News | Supply Chain Attack / Cryptocurrency
A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and…
Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw
Oct 02, 2024 | The Hacker News | Email Security / Vulnerability
Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor’s Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024.…
AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition
The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what’s called “Seed Phrase Image Recognition.” “This allows Rhadamanthys to extract…
5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage
Oct 01, 2024 | The Hacker News | Generative AI / Data Protection
Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with…
Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials
More than 140,000 phishing websites have been found linked to a phishing-as-a-service (PhaaS) platform named Sniper Dz over the past year, indicating that it’s being used by a large number of cybercriminals to conduct credential theft. “For prospective phishers, Sniper…
New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet
Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor. This enabled the attackers to “use Docker Swarm’s orchestration…
U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails
Oct 01, 2024 | Ravie Lakshmanan | Corporate Security / Financial Fraud
The U.S. Department of Justice (DoJ) has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits. Robert Westbrook of London was…