Month: March 2022

Hackers Pushed Mars Stealer Malware via OpenOffice Ads on Google

Mars Stealer, a recently launched data-stealing malware variant, has recently gained massive popularity. However, the first large-scale attack employing it has been identified by Morphisec’s cybersecurity experts. A re-design of Oski malware closed development in 2020, leading to Mars Stealer’s...

/ March 31, 2022

Ukraine Leaks Personal Details of 620 Alleged FSB Agents

The Ukrainian Defense Ministry’s Directorate of Intelligence claims the personal data includes names, phone numbers, addresses, vehicle license plates, SIM cards, dates/location of birth, signatures, and passport numbers. On Monday, March 28th, the Ukrainian Defense Ministry’s Directorate of Intelligence published...

/ March 31, 2022

Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework

The maintainers of Spring Framework have released an emergency patch to address a newly disclosed remote code execution flaw that, if successfully exploited, could allow an unauthenticated attacker to take control of a targeted system. Tracked as CVE-2022-22965, the high-severity...

/ March 31, 2022

Lazarus Trojanized DeFi app for delivering malware

For the Lazarus threat actor, financial gain is one of the prime motivations, with a particular emphasis on the cryptocurrency business. As the price of cryptocurrency surges, and the popularity of non-fungible token (NFT) and decentralized finance (DeFi) businesses continues...

/ March 31, 2022

Google Chrome 100 Released – Security Fixes, New Logo & More

The all-new Chrome 100 for the Stable desktop channel has been released by Google on March 29th, 2022. The new Google Chrome 100 (100.0.4896.60) includes several new additions like:- A new logo Security improvements Development features Many more The Chrome...

/ March 31, 2022

$625m Stolen From Ronin Network – The Blockchain Behind Axie Infinity Game

The company is collaborating with the law enforcement agency to recover 173,600 ETH and 25.5 million USDC (USD Coin) from the attacker. Ronin Network (RON), a blockchain network underpinning the famous crypto game Axie Infinity and Axie DAO has suffered...

/ March 30, 2022

Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread

A nascent information stealer called Mars has been observed in campaigns that take advantage of cracked versions of the malware to steal information stored in web browsers and cryptocurrency wallets. “Mars Stealer is being distributed via social engineering techniques, malspam...

/ March 30, 2022

Among Us servers back online after an over 48 hours DDoS attack

Posted on March 30, 2022 at 3:32 AM Among Us is the latest victim of a distributed denial-of-service attack. The servers of this company were non-operational for more than 48 hours. The DDoS attack was initially launched on March 24....

/ March 30, 2022

Okta Says It Was Wrong With Approach To The Lapsus$ Hacking Incident

Posted on March 30, 2022 at 3:28 AM Following the latest hacking incident by the Lapsus$ hacking group on identity management platform Okta, the company has come out to say it goofed regarding its handling of the hacking report. This...

/ March 30, 2022

Security updates to cover your entire attack surface

TL/DR: Just as vulnerabilities are constantly evolving, so must your approach to external attack surface monitoring. In addition to our ongoing Crowdsource security research, we have released new features on our platform. You can get critical insights on what is...

/ March 29, 2022

New Hacking Campaign by Transparent Tribe Hackers Targeting Indian Officials

A threat actor of likely Pakistani origin has been attributed to yet another campaign designed to backdoor targets of interest with a Windows-based remote access trojan named CrimsonRAT since at least June 2021. “Transparent Tribe has been a highly active...

/ March 29, 2022

Hackers hijack conversations in a new email phishing campaign

Posted on March 29, 2022 at 11:23 AM Email phishing campaigns have become quite popular among hackers. Email phishing campaigns are done by hackers to gain access to user devices to steal sensitive information. In the recently detected email phishing...

/ March 29, 2022