Details

BleepingComputer

18 March 2024

SIM swappers have adapted their attacks to steal a target's phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models.

Embedded Subscriber Identity Modules (eSIMs) are digital cards stored on the chip of the mobile device and serve the same role and purpose as a physical SIM card but can be remotely reprogrammed and provisioned, deactivated, swapped, deleted.

A user can typically add an eSIM to a device that supports the functionality by scanning a QR code from the service provider. The technology is becoming increasingly popular among smartphone makers because eSIMs eliminate the need for a SIM card slot and can offer cellular connectivity on small wearables. Read More..

Details

BleepingComputer

18 March 2024

A new variant of StopCrypt ransomware (aka STOP) was spotted in the wild, employing a multi-stage execution process that involves shellcodes to evade security tools. 

While you constantly hear how big some ransomware operations are, such as LockBit, BlackCat, and Clop, you rarely hear security researchers discussing STOP.

That is because this ransomware operation does not typically target businesses but rather consumers, hoping to generate tens of thousands small $400 to $1,000 ransom payments instead of one large multi-million-dollar demand.

The ransomware is commonly distributed via malvertising and shady sites distributing adware bundles disguised as free software, game cheats and software cracks.

However, when these programs are installed, the users become infected with a variety of malware, including password stealing trojans and STOP ransomware.

This leads infected users to desperately reach out to security researchers, ransomware experts, and our 807-page STOP ransomware forum topic to try and receive help. Read More..

Details

Cyber Security News

13 March 2024

Apart from ChatGPT and Gemini AI which are the most popular Artificial Intelligence systems available to the public, there are several other standalone chatbot applications that are available for users to deploy and use for their own personal customization. 

These standalone applications also provide the feature to plug in and test different AI models and can also bypass IP block restrictions.

One of the most popular standalone Gen AI chatbot applications available for users is the NextChat, a.k.a ChatGPT-Next-Web. Read More..

Details

Hackread

13 March 2024

Hackread reports that widely used software-as-a-service platforms are having their customers targeted by a novel Dropbox phishing attack that circumvents multifactor authentication to facilitate malware deployment and credential exfiltration activities since the end of January.

Attackers leveraging the 'no-reply@dropbox[.]com' domain sent emails with a Dropbox-hosted PDF to employees using the Darktrace SaaS environment, which when opened established a connection with a malicious endpoint redirecting to a fraudulent Microsoft 365 login page, according to a report from Darktrace. Aside from leveraging ExpressVPN-related endpoints to obfuscate their locations, threat actors also tapped valid tokens and fulfilled MFA requirements to avert the targeted organization's MFA policy, researchers said. Read More..