Mar 25, 2024NewsroomSupply Chain Attack / Cryptocurrency Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. "The threat actors used multiple TTPs in this attack, including account takeover via stolen browser … [Read more...] about Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others
Hijack
Mastodon Vulnerability Allows Hackers to Hijack Any Decentralized Account
Feb 03, 2024NewsroomVulnerability / Social Media The decentralized social network Mastodon has disclosed a critical security flaw that enables malicious actors to impersonate and take over any account. "Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account," the maintainers said in a terse advisory. The … [Read more...] about Mastodon Vulnerability Allows Hackers to Hijack Any Decentralized Account
How cybercriminals hijack Telegram accounts
Telegram users have recently begun encountering various Telegram messenger hijacking schemes. Things usually start off with a message from one of their contacts containing a link to some site. The bait can be an invitation to take part in an online vote or contest, a Telegram Premium gift or trial version, a request to sign a collective petition, or something else. What all … [Read more...] about How cybercriminals hijack Telegram accounts
Russian Turla Hackers Hijack Decade-Old Malware Infrastructure to Deploy New Backdoors
Jan 08, 2023Ravie LakshmananCyberespionage / Threat Analysis The Russian cyberespionage group known as Turla has been observed piggybacking on attack infrastructure used by a decade-old malware to deliver its own reconnaissance and backdoor tools to targets in Ukraine. Google-owned Mandiant, which is tracking the operation under the uncategorized cluster moniker UNC4210, said … [Read more...] about Russian Turla Hackers Hijack Decade-Old Malware Infrastructure to Deploy New Backdoors
Scammers used phishing QR codes to hijack QQ accounts
Folks today are generally mostly aware that clicking links from questionable sources, for example in e-mails, isn’t a good idea. However, when it comes to scanning QR codes, people are often much less vigilant. In fact, QR codes can be even more dangerous: while you can check a link with your own eyes before clicking, that’s not the case with a QR code. So perhaps this story … [Read more...] about Scammers used phishing QR codes to hijack QQ accounts
Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread Malware
A new email phishing campaign has been spotted leveraging the tactic of conversation hijacking to deliver the IcedID info-stealing malware onto infected machines by making use of unpatched and publicly-exposed Microsoft Exchange servers. "The emails use a social engineering technique of conversation hijacking (also known as thread hijacking)," Israeli company Intezer said in a … [Read more...] about Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread Malware
New Amazon Kindle Bug Could’ve Let Attackers Hijack Your eBook Reader
Amazon earlier this April addressed a critical vulnerability in its Kindle e-book reader platform that could have been potentially exploited to take full control over a user's device, resulting in the theft of sensitive information by just deploying a malicious e-book. "By sending Kindle users a single malicious e-book, a threat actor could have stolen any information stored on … [Read more...] about New Amazon Kindle Bug Could’ve Let Attackers Hijack Your eBook Reader
One-Click Exploit Could Have Let Attackers Hijack Any Atlassian Account
Cybersecurity researchers on Wednesday disclosed critical flaws in the Atlassian project and software development platform that could be exploited to take over an account and control some of the apps connected through its single sign-on (SSO) capability. "With just one click, an attacker could have used the flaws to get access to Atlassian's publish Jira system and get … [Read more...] about One-Click Exploit Could Have Let Attackers Hijack Any Atlassian Account
Valve’s Steam Server Bugs Could’ve Let Hackers Hijack Online Games
Critical flaws in a core networking library powering Valve's online gaming functionality could have allowed malicious actors to remotely crash games and even take control over affected 3rd-party game servers. "An attacker could remotely crash an opponent's game client to force a win or even perform a 'nuclear rage quit' and crash the Valve game server to end the game … [Read more...] about Valve’s Steam Server Bugs Could’ve Let Hackers Hijack Online Games
A Bug Could Let Attackers Hijack Firefox for Android via Wi-Fi Network
Dear Android users, if you use the Firefox web browser on your smartphones, make sure it has been updated to version 80 or the latest available version on the Google Play Store. ESET security researcher Lukas Stefanko yesterday tweeted an alert demonstrating the exploitation of a recently disclosed high-risk remote command execution vulnerability affecting the Firefox app for … [Read more...] about A Bug Could Let Attackers Hijack Firefox for Android via Wi-Fi Network