WhatsApp compromise leads to Astaroth deployment
Another campaign targeting WhatsApp users in Brazil spreads like a worm and employs multiple payloads for credential theft, session hijacking, and persistence
Similar Posts
How Long Does It Take Hackers to Crack Modern Hashing Algorithms?
Bys sWhile passwords remain the first line of defense for protecting user accounts against unauthorized access, the methods for creating strong passwords and protecting them are continually evolving. For example, NIST password recommendations are now prioritizing password length over complexity. Hashing, however, remains a non-negotiable. Even long secure passphrases should be hashed to prevent them
China accuses US of launching ‘advanced’ cyberattacks, names alleged NSA agents
Bys sLaurie Chen, Farah Master and Liz Lee report: China accused the United States National Security Agency (NSA) on Tuesday of launching “advanced” cyberattacks during the Asian Winter Games in February, targeting essential industries. Police in the northeastern city of Harbin said three alleged NSA agents to a wanted list and also accused the University of…
ELENOR-corp Ransomware: A New Mimic Ransomware Variant Attacking the Healthcare Sector
Bys sMichael Gorelik of Morphisec writes: Morphisec recently investigated an incident involving a new variant of one of the most aggressive ransomware families: Mimic version 7.5. First observed in 2022, Mimic remains relatively underreported in the public domain, aside from a detailed analysis of Mimic version 6.3 that was previously published by Cyfirma and Kaspersky. Target Audience: This threat analysis…
Three PCIe Encryption Weaknesses Expose PCIe 5.0+ Systems to Faulty Data Handling
Bys sThree security vulnerabilities have been disclosed in the Peripheral Component Interconnect Express (PCIe) Integrity and Data Encryption (IDE) protocol specification that could expose a local attacker to serious risks. The flaws impact PCIe Base Specification Revision 5.0 and onwards in the protocol mechanism introduced by the IDE Engineering Change Notice (ECN), according to the PCI…
Data Breach Lawsuits Against Chord Specialty Dental Partners Consolidated
Bys sKathryn Rattigan of Robinson + Cole writes: Pennsylvania-based Chord Specialty Dental Partners is under fire after a September 2024 data breach compromised the personal information of over 173,000 individuals. At least seven proposed class action lawsuits have been filed in federal courts in Tennessee and Pennsylvania, alleging the company failed to secure and protect patient…
With his criminal trial looming, the hacker known as “DR32” pleaded guilty in federal court
Bys sWith only two weeks until his trial was scheduled to start, Australian national David Kee Crees informed a federal court in Colorado that he wanted to change his plea to guilty. On January 15, he pleaded guilty to 14 out of 22 counts. Background Crees, a 26 year-old Australian, was known online as Abdilo, DR32,…