- Details
- BleepingComputer
September 11, 2023 BleepingComputer published Hackers use a massive network of fake and compromised Facebook accounts to send out millions of Messenger phishing messages to target Facebook business accounts with password-stealing malware.
The attackers trick the targets into downloading a RAR/ZIP archive containing a downloader for an evasive Python-based stealer that grabs cookies and passwords stored in the victim's browser. Read More..
- Details
- BleepingComputer
September 09, 2023 BleepingComputer published The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies today to patch security vulnerabilities abused as part of a zero-click iMessage exploit chain to infect iPhones with NSO Group's Pegasus spyware.
This warning comes after Citizen Lab disclosed that the two flaws were used to compromise fully-patched iPhones belonging to a Washington DC-based civil society organization using an exploit chain named BLASTPASS that worked via PassKit attachments containing malicious images. Read More..
- Details
- BleepingComputer
September 09, 2023 BleepingComputer published A new phishing campaign is abusing Microsoft Teams messages to send malicious attachments that install the DarkGate Loader malware.
The campaign started in late August 2023, when Microsoft Teams phishing messages were seen being sent by two compromised external Office 365 accounts to other organizations.
These accounts were used to trick other Microsoft Teams users into downloading and opening a ZIP file named "Changes to the vacation schedule." Read More..
- Details
- BleepingComputer
BleepingComputer published A team of researchers from the University of Wisconsin-Madison has uploaded to the Chrome Web Store a proof-of-concept extension that can steal plaintext passwords from a website's source code.
An examination of the text input fields in web browsers revealed that the coarse-grained permission model underpinning Chrome extensions violates the principles of least privilege and complete mediation.
Additionally, the researchers found that numerous websites with millions of visitors, including some Google and Cloudflare portals, store passwords in plaintext within the HTML source code of their web pages, allowing extensions to retrieve them. Read More..
- Details
- BleepingComputer
BleepingComputer published Proof-of-concept exploit code has been released for a critical SSH authentication bypass vulnerability in VMware's Aria Operations for Networks analysis tool (formerly known as vRealize Network Insight).
The flaw (tracked as CVE-2023-34039) was found by security analysts at ProjectDiscovery Research and patched by VMware on Wednesday with the release of version 6.11.
Successful exploitation enables remote attackers to bypass SSH authentication on unpatched appliances and access the tool's command line interface in low-complexity attacks that don't require user interaction because of what the company describes as "a lack of unique cryptographic key generation. Read More..
- Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security
- Trojanized Signal and Telegram Apps on Google Play Delivered Spyware
- Earth Estries' Espionage Campaign Targets Governments and Tech Titans Across Continents
- Hacking Campaign Bruteforces Cisco VPNs to Breach Networks
- New Android MMRat Malware Uses Protobuf Protocol To Steal Your Data