Month: March 2022
Hackers Pushed Mars Stealer Malware via OpenOffice Ads on Google
Mars Stealer, a recently launched data-stealing malware variant, has recently gained massive popularity. However, the first large-scale attack employing it has been identified by Morphisec’s cybersecurity experts. A re-design of Oski malware closed development in 2020, leading to Mars Stealer’s...
Ukraine Leaks Personal Details of 620 Alleged FSB Agents
The Ukrainian Defense Ministry’s Directorate of Intelligence claims the personal data includes names, phone numbers, addresses, vehicle license plates, SIM cards, dates/location of birth, signatures, and passport numbers. On Monday, March 28th, the Ukrainian Defense Ministry’s Directorate of Intelligence published...
Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework
The maintainers of Spring Framework have released an emergency patch to address a newly disclosed remote code execution flaw that, if successfully exploited, could allow an unauthenticated attacker to take control of a targeted system. Tracked as CVE-2022-22965, the high-severity...
Lazarus Trojanized DeFi app for delivering malware
For the Lazarus threat actor, financial gain is one of the prime motivations, with a particular emphasis on the cryptocurrency business. As the price of cryptocurrency surges, and the popularity of non-fungible token (NFT) and decentralized finance (DeFi) businesses continues...
Google Chrome 100 Released – Security Fixes, New Logo & More
The all-new Chrome 100 for the Stable desktop channel has been released by Google on March 29th, 2022. The new Google Chrome 100 (100.0.4896.60) includes several new additions like:- A new logo Security improvements Development features Many more The Chrome...
$625m Stolen From Ronin Network – The Blockchain Behind Axie Infinity Game
The company is collaborating with the law enforcement agency to recover 173,600 ETH and 25.5 million USDC (USD Coin) from the attacker. Ronin Network (RON), a blockchain network underpinning the famous crypto game Axie Infinity and Axie DAO has suffered...
Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread
A nascent information stealer called Mars has been observed in campaigns that take advantage of cracked versions of the malware to steal information stored in web browsers and cryptocurrency wallets. “Mars Stealer is being distributed via social engineering techniques, malspam...
Among Us servers back online after an over 48 hours DDoS attack
Posted on March 30, 2022 at 3:32 AM Among Us is the latest victim of a distributed denial-of-service attack. The servers of this company were non-operational for more than 48 hours. The DDoS attack was initially launched on March 24....
Okta Says It Was Wrong With Approach To The Lapsus$ Hacking Incident
Posted on March 30, 2022 at 3:28 AM Following the latest hacking incident by the Lapsus$ hacking group on identity management platform Okta, the company has come out to say it goofed regarding its handling of the hacking report. This...
Security updates to cover your entire attack surface
TL/DR: Just as vulnerabilities are constantly evolving, so must your approach to external attack surface monitoring. In addition to our ongoing Crowdsource security research, we have released new features on our platform. You can get critical insights on what is...
New Hacking Campaign by Transparent Tribe Hackers Targeting Indian Officials
A threat actor of likely Pakistani origin has been attributed to yet another campaign designed to backdoor targets of interest with a Windows-based remote access trojan named CrimsonRAT since at least June 2021. “Transparent Tribe has been a highly active...
Hackers hijack conversations in a new email phishing campaign
Posted on March 29, 2022 at 11:23 AM Email phishing campaigns have become quite popular among hackers. Email phishing campaigns are done by hackers to gain access to user devices to steal sensitive information. In the recently detected email phishing...
