-
"New YTStealer Malware Aims to Hijack Accounts of YouTube Content Creators"Researchers at Intezer have discovered a new data-stealing malware dubbed YTStealer that targets YouTube content creators by stealing their authentication cookies. The malicious tool is likely sold as a service on the dark web, and it is distributed via…
-
"Amazon Quietly Patches 'High Severity' Android Photos App Vulnerability"Researchers at cybersecurity firm Checkmarx alerted Amazon about a high severity vulnerability affecting the Amazon Photos Android app in December. The app contained a flaw that allowed attackers to steal a user's Amazon access token, which is required…
-
"CISA-Funded Project Enables Students With Disabilities to Learn Cybersecurity"Cybersecurity workforce development organization CYBER.ORG recently announced the launch of Project Access, a national effort to provide cybersecurity education to blind and visually impaired students. The new project is funded by the Cybersecurity…
-
"Tencent Acknowledges Using Poisoned QR Code on QQ Chat Platform Attack"Chinese Internet company Tencent has confirmed a significant account hijacking attack on its messaging and social networking platform QQ. A number of QQ users claimed that their login credentials were no longer giving them access to their accounts.…
-
"'Raccoon Stealer' Scurries Back on the Scene After Hiatus"Three months after ceasing operations due to the death of its lead developer in Ukraine, the creators of "Raccoon Stealer," one of the most prolific information stealers of 2021, have launched a new and enhanced version of the malware. Researchers from…
-
"Bringing Ransomware Infrastructure Into the Light"Researchers at Cisco Talos uncovered previously unknown infrastructure operated by several ransomware groups, including DarkAngels, Snatch, and Quantum, using various methods and some helpful mistakes by the operators themselves. Ransomware groups…
-
"New Bumblebee Malware Loader Increasingly Adopted by Cyber Threat Groups"Bumblebee, a recently discovered malware loader, has been linked to several prominent ransomware groups as a key component of numerous cyberattacks. According to the Symantec Threat Hunter Team, the tool has links to threat groups such as Conti, Quantum…
-
"Researchers Uncover ZuoRAT Malware Targeting Home-Office Routers"
Security Researchers at Black Lotus Labs discovered a new remote access trojan (RAT) called ZuoRAT, which targets remote workers via their small office/home office (SOHO) devices, including models from ASUS, Cisco, DrayTek, and NETGEAR. The…
-
"CISA Says 'PwnKit' Linux Vulnerability Exploited in Attacks"
The US Cybersecurity and Infrastructure Security Agency (CISA) says a Linux vulnerability tracked as CVE-2021-4034 dubbed PwnKit has been exploited in attacks. The flaw came to light in January and affects Polkit, a component designed for…
-
-
Spotlight on Lablet Research #31 - Predicting the Difficulty of Compromise through How Attackers Discover Vulnerabilities
Spotlight on Lablet Research #31 - Predicting the Difficulty of Compromise through How Attackers Discover Vulnerabilities
-
"AMD Targeted by RansomHouse, Cybercriminals Claim to Have '450 GB' in Stolen Data"The extortion group RansomHouse claims to have data stolen from the processor designer AMD following an alleged security breach earlier this year. According to RansomHouse, the files were obtained from an intrusion into AMD's network on January 5, 2022,…
News