Jun 14, 2023Ravie LakshmananCyber Threat / Malware A new Golang-based information stealer called Skuld has compromised Windows systems across Europe, Southeast Asia, and the U.S. "This new malware strain tries to steal sensitive information from its victims," Trellix researcher Ernesto Fernández Provecho said in a Tuesday analysis. "To accomplish this task, it searches for … [Read more...] about New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs
windows
New All-in-One “EvilExtractor” Stealer for Windows Systems Surfaces on the Dark Web
Apr 24, 2023Ravie LakshmananCyber Risk / Dark Web A new "all-in-one" stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale for other threat actors to steal data and files from Windows systems. "It includes several modules that all work via an FTP service," Fortinet FortiGuard Labs researcher Cara Lin said. "It also contains environment … [Read more...] about New All-in-One “EvilExtractor” Stealer for Windows Systems Surfaces on the Dark Web
Microsoft Issues Patch for aCropalypse Privacy Flaw in Windows Screenshot Tools
Mar 27, 2023Ravie LakshmananPrivacy / Windows Security Microsoft has released an out-of-band update to address a privacy-defeating flaw in its screenshot editing tool for Windows 10 and Windows 11. The issue, dubbed aCropalypse, could enable malicious actors to recover edited portions of screenshots, potentially revealing sensitive information that may have been cropped … [Read more...] about Microsoft Issues Patch for aCropalypse Privacy Flaw in Windows Screenshot Tools
“Fobo” Trojan distributed as ChatGPT client for Windows
The golden rule — “if something is popular, criminals will exploit it” — strikes once again. This time, we’re talking about the trending ChatGPT chatbot, developed by OpenAI, which has been all over the news of late. A word about the popularity of ChatGPT When OpenAI opened access to its AI chatbot (that is, a chatbot based on neural networks trained on a vast corpus of text), … [Read more...] about “Fobo” Trojan distributed as ChatGPT client for Windows
Trojanized Windows 10 Installer Used in Cyberattacks Against Ukrainian Government Entities
Government entities in Ukraine have been breached as part of a new campaign that leveraged trojanized versions of Windows 10 installer files to conduct post-exploitation activities. Mandiant, which discovered the "socially engineered supply chain" attack around mid-July 2022, said the malicious ISO files were distributed via Ukrainian- and Russian-language Torrent websites. … [Read more...] about Trojanized Windows 10 Installer Used in Cyberattacks Against Ukrainian Government Entities
Researchers Reveal Detail for Windows Zero-Day Vulnerability Patched Last Month
Details have emerged about a now-patched security flaw in Windows Common Log File System (CLFS) that could be exploited by an attacker to gain elevated permissions on compromised machines. Tracked as CVE-2022-37969 (CVSS score: 7.8), the issue was addressed by Microsoft as part of its Patch Tuesday updates for September 2022, while also noting that it was being actively … [Read more...] about Researchers Reveal Detail for Windows Zero-Day Vulnerability Patched Last Month
New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems
A previously undocumented command-and-control (C2) framework dubbed Alchimist is likely being used in the wild to target Windows, macOS, and Linux systems. "Alchimist C2 has a web interface written in Simplified Chinese and can generate a configured payload, establish remote sessions, deploy payload to the remote machines, capture screenshots, perform remote shellcode … [Read more...] about New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems
Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems
A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office (SOHO) routers, and enterprise servers into its botnet. "Chaos functionality includes the ability to enumerate the host environment, run remote shell commands, load additional modules, automatically … [Read more...] about Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems
Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users
A pair of reports from cybersecurity firms SEKOIA and Trend Micro sheds light on a new campaign undertaken by a Chinese threat actor named Lucky Mouse that involves leveraging a trojanized version of a cross-platform messaging app to backdoor systems. Infection chains leverage a chat application called MiMi, with its installer files compromised to download and install HyperBro … [Read more...] about Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users
New Rust-based Ransomware Family Targets Windows, Linux, and ESXi Systems — The Hacker News
Kaspersky security researchers have disclosed details of a brand-new ransomware family written in Rust, making it the third strain after BlackCat and Hive to use the programming language. Luna, as it's called, is "fairly simple" and can run on Windows, Linux, and ESXi systems, with the malware banking on a combination of Curve25519 and AES for encryption. "Both the Linux and … [Read more...] about New Rust-based Ransomware Family Targets Windows, Linux, and ESXi Systems — The Hacker News