New Mockingjay Process Injection Technique Could Let Malware Evade Detection

New Mockingjay Process Injection Technique Could Let Malware Evade Detection,

A new process injection technique dubbed Mockingjay could be exploited by threat actors to bypass security solutions to execute malicious code on compromised systems.
« The injection is executed without space allocation, setting permissions or even starting a thread, » Security Joes researchers Thiago Peixoto, Felipe Duarte, and Ido Naor said in a report shared with The Hacker News. « The

,

A new process injection technique dubbed Mockingjay could be exploited by threat actors to bypass security solutions to execute malicious code on compromised systems.
« The injection is executed without space allocation, setting permissions or even starting a thread, » Security Joes researchers Thiago Peixoto, Felipe Duarte, and Ido Naor said in a report shared with The Hacker News. « The

, ,
https://thehackernews.com/2023/06/new-mockingjay-process-injection.html

New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain

New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain,

Cybersecurity researchers have discovered a new ongoing campaign aimed at the npm ecosystem that leverages a unique execution chain to deliver an unknown payload to targeted systems.
« The packages in question seem to be published in pairs, each pair working in unison to fetch additional resources which are subsequently decoded and/or executed, » software supply chain security firm Phylum said in

,

Cybersecurity researchers have discovered a new ongoing campaign aimed at the npm ecosystem that leverages a unique execution chain to deliver an unknown payload to targeted systems.
« The packages in question seem to be published in pairs, each pair working in unison to fetch additional resources which are subsequently decoded and/or executed, » software supply chain security firm Phylum said in

, ,
https://thehackernews.com/2023/06/new-ongoing-campaign-targets-npm.html

Beyond Asset Discovery: How Attack Surface Management Prioritizes Vulnerability Remediation

Beyond Asset Discovery: How Attack Surface Management Prioritizes Vulnerability Remediation,

As the business environment becomes increasingly connected, organizations’ attack surfaces continue to expand, making it challenging to map and secure both known and unknown assets. In particular, unknown assets present security challenges related to shadow IT, misconfigurations, ineffective scan coverage, among others.
Given attack surface sprawl and evolving threats, many organizations are

,

As the business environment becomes increasingly connected, organizations’ attack surfaces continue to expand, making it challenging to map and secure both known and unknown assets. In particular, unknown assets present security challenges related to shadow IT, misconfigurations, ineffective scan coverage, among others.
Given attack surface sprawl and evolving threats, many organizations are

, ,
https://thehackernews.com/2023/06/beyond-asset-discovery-how-attack.html

EncroChat Bust Leads to 6,558 Criminals’ Arrests and €900 Million Seizure

EncroChat Bust Leads to 6,558 Criminals’ Arrests and €900 Million Seizure

,

Europol on Tuesday announced that the takedown of EncroChat in July 2020 led to 6,558 arrests worldwide and the seizure of €900 million in illicit criminal proceeds.
The law enforcement agency said that a subsequent joint investigation initiated by French and Dutch authorities intercepted and analyzed over 115 million conversations that took place over the encrypted messaging platform between no

,

Europol on Tuesday announced that the takedown of EncroChat in July 2020 led to 6,558 arrests worldwide and the seizure of €900 million in illicit criminal proceeds.
The law enforcement agency said that a subsequent joint investigation initiated by French and Dutch authorities intercepted and analyzed over 115 million conversations that took place over the encrypted messaging platform between no

, ,
https://thehackernews.com/2023/06/encrochat-bust-leads-to-6558-criminals.html

Anatsa Banking Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland

Anatsa Banking Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland,

A new Android malware campaign has been observed pushing the Anatsa banking trojan to target banking customers in the U.S., U.K., Germany, Austria, and Switzerland since the start of March 2023.
« The actors behind Anatsa aim to steal credentials used to authorize customers in mobile banking applications and perform Device-Takeover Fraud (DTO) to initiate fraudulent transactions, » ThreatFabric 

,

A new Android malware campaign has been observed pushing the Anatsa banking trojan to target banking customers in the U.S., U.K., Germany, Austria, and Switzerland since the start of March 2023.
« The actors behind Anatsa aim to steal credentials used to authorize customers in mobile banking applications and perform Device-Takeover Fraud (DTO) to initiate fraudulent transactions, » ThreatFabric 

, ,
https://thehackernews.com/2023/06/anatsa-banking-trojan-targeting-users.html

New Fortinet’s FortiNAC Vulnerability Exposes Networks to Code Execution Attacks

New Fortinet’s FortiNAC Vulnerability Exposes Networks to Code Execution Attacks

,

Fortinet has rolled out updates to address a critical security vulnerability impacting its FortiNAC network access control solution that could lead to the execution of arbitrary code.
Tracked as CVE-2023-33299, the flaw is rated 9.6 out of 10 for severity on the CVSS scoring system. It has been described as a case of Java untrusted object deserialization.
« A deserialization of untrusted data

,

Fortinet has rolled out updates to address a critical security vulnerability impacting its FortiNAC network access control solution that could lead to the execution of arbitrary code.
Tracked as CVE-2023-33299, the flaw is rated 9.6 out of 10 for severity on the CVSS scoring system. It has been described as a case of Java untrusted object deserialization.
« A deserialization of untrusted data

, ,
https://thehackernews.com/2023/06/new-fortinets-fortinac-vulnerability.html

Researchers Find Way to Recover Cryptographic Keys by Analyzing LED Flickers

Researchers Find Way to Recover Cryptographic Keys by Analyzing LED Flickers,

In what’s an ingenious side-channel attack, a group of academics has found that it’s possible to recover secret keys from a device by analyzing video footage of its power LED.
« Cryptographic computations performed by the CPU change the power consumption of the device which affects the brightness of the device’s power LED, » researchers from the Ben-Gurion University of the Negev and Cornell

,

In what’s an ingenious side-channel attack, a group of academics has found that it’s possible to recover secret keys from a device by analyzing video footage of its power LED.
« Cryptographic computations performed by the CPU change the power consumption of the device which affects the brightness of the device’s power LED, » researchers from the Ben-Gurion University of the Negev and Cornell

, ,
https://thehackernews.com/2023/06/researchers-find-way-to-recover.html

Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack

Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack,

An unknown cryptocurrency exchange located in Japan was the target of a new attack earlier this month to deploy an Apple macOS backdoor called JokerSpy.
Elastic Security Labs, which is monitoring the intrusion set under the name REF9134, said the attack led to the installation of Swiftbelt, a Swift-based enumeration tool inspired by an open-source utility called SeatBelt.
JokerSky was first

,

An unknown cryptocurrency exchange located in Japan was the target of a new attack earlier this month to deploy an Apple macOS backdoor called JokerSpy.
Elastic Security Labs, which is monitoring the intrusion set under the name REF9134, said the attack led to the installation of Swiftbelt, a Swift-based enumeration tool inspired by an open-source utility called SeatBelt.
JokerSky was first

, ,
https://thehackernews.com/2023/06/japanese-cryptocurrency-exchange-falls.html

How Generative AI Can Dupe SaaS Authentication Protocols — And Effective Ways To Prevent Other Key AI Risks in SaaS

How Generative AI Can Dupe SaaS Authentication Protocols — And Effective Ways To Prevent Other Key AI Risks in SaaS,

Security and IT teams are routinely forced to adopt software before fully understanding the security risks. And AI tools are no exception.
Employees and business leaders alike are flocking to generative AI software and similar programs, often unaware of the major SaaS security vulnerabilities they’re introducing into the enterprise. A February 2023 generative AI survey of 1,000 executives 

,

Security and IT teams are routinely forced to adopt software before fully understanding the security risks. And AI tools are no exception.
Employees and business leaders alike are flocking to generative AI software and similar programs, often unaware of the major SaaS security vulnerabilities they’re introducing into the enterprise. A February 2023 generative AI survey of 1,000 executives 

, ,
https://thehackernews.com/2023/06/how-generative-ai-can-dupe-saas.html

Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers

Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers,

Microsoft has disclosed that it’s detected a spike in credential-stealing attacks conducted by the Russian state-affiliated hacker group known as Midnight Blizzard.
The intrusions, which made use of residential proxy services to obfuscate the source IP address of the attacks, target governments, IT service providers, NGOs, defense, and critical manufacturing sectors, the tech giant’s threat

,

Microsoft has disclosed that it’s detected a spike in credential-stealing attacks conducted by the Russian state-affiliated hacker group known as Midnight Blizzard.
The intrusions, which made use of residential proxy services to obfuscate the source IP address of the attacks, target governments, IT service providers, NGOs, defense, and critical manufacturing sectors, the tech giant’s threat

, ,
https://thehackernews.com/2023/06/microsoft-warns-of-widescale-credential.html