FakeCalls Vishing Malware Targets South Korean Users via Popular Financial Apps

FakeCalls Vishing Malware Targets South Korean Users via Popular Financial Apps,

An Android voice phishing (aka vishing) malware campaign known as FakeCalls has reared its head once again to target South Korean users under the guise of over 20 popular financial apps.
« FakeCalls malware possesses the functionality of a Swiss army knife, able not only to conduct its primary aim but also to extract private data from the victim’s device, » cybersecurity firm Check Point said.

,

An Android voice phishing (aka vishing) malware campaign known as FakeCalls has reared its head once again to target South Korean users under the guise of over 20 popular financial apps.
« FakeCalls malware possesses the functionality of a Swiss army knife, able not only to conduct its primary aim but also to extract private data from the victim’s device, » cybersecurity firm Check Point said.

, ,
https://thehackernews.com/2023/03/fakecalls-vishing-malware-targets-south.html

THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter

THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter,

Think of the typical portrayal of a cyberattack. Bad guy pounding furiously on a keyboard, his eyes peeking out from under a dark hoodie. At long last, his efforts pay off and he hits the right combination of keys. « I’m in! » he shouts in triumph.
Clearly, there are many problems with this scenario – and it’s not just the hoodie. What’s even more inaccurate is that most cyber attackers today do

,

Think of the typical portrayal of a cyberattack. Bad guy pounding furiously on a keyboard, his eyes peeking out from under a dark hoodie. At long last, his efforts pay off and he hits the right combination of keys. « I’m in! » he shouts in triumph.
Clearly, there are many problems with this scenario – and it’s not just the hoodie. What’s even more inaccurate is that most cyber attackers today do

, ,
https://thehackernews.com/2023/03/thn-webinar-3-research-backed-ways-to.html

New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks

New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks,

A new Golang-based botnet dubbed HinataBot has been observed to leverage known flaws to compromise routers and servers and use them to stage distributed denial-of-service (DDoS) attacks.
« The malware binaries appear to have been named by the malware author after a character from the popular anime series, Naruto, with file name structures such as ‘Hinata–,' » Akamai said in a

,

A new Golang-based botnet dubbed HinataBot has been observed to leverage known flaws to compromise routers and servers and use them to stage distributed denial-of-service (DDoS) attacks.
« The malware binaries appear to have been named by the malware author after a character from the popular anime series, Naruto, with file name structures such as ‘Hinata–,' » Akamai said in a

, ,
https://thehackernews.com/2023/03/new-golang-based-hinatabot-exploiting.html

A New Security Category Addresses Web-borne Threats

A New Security Category Addresses Web-borne Threats,

In the modern corporate IT environment, which relies on cloud connectivity, global connections and large volumes of data, the browser is now the most important work interface. The browser connects employees to managed resources, devices to the web, and the on-prem environment to the cloud one.
Yet, and probably unsurprisingly, this browser prominence has significantly increased the number of

,

In the modern corporate IT environment, which relies on cloud connectivity, global connections and large volumes of data, the browser is now the most important work interface. The browser connects employees to managed resources, devices to the web, and the on-prem environment to the cloud one.
Yet, and probably unsurprisingly, this browser prominence has significantly increased the number of

, ,
https://thehackernews.com/2023/03/a-new-security-category-addresses-web.html

Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware

Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware,

Copycat websites for instant messaging apps like Telegram and WhatApp are being used to distribute trojanized versions and infect Android and Windows users with cryptocurrency clipper malware.
« All of them are after victims’ cryptocurrency funds, with several targeting cryptocurrency wallets, » ESET researchers Lukáš Štefanko and Peter Strýček said in a new analysis.
While the first instance of

,

Copycat websites for instant messaging apps like Telegram and WhatApp are being used to distribute trojanized versions and infect Android and Windows users with cryptocurrency clipper malware.
« All of them are after victims’ cryptocurrency funds, with several targeting cryptocurrency wallets, » ESET researchers Lukáš Štefanko and Peter Strýček said in a new analysis.
While the first instance of

, ,
https://thehackernews.com/2023/03/lookalike-telegram-and-whatsapp.html

Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials

Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials,

The advanced persistent threat known as Winter Vivern has been linked to campaigns targeting government officials in India, Lithuania, Slovakia, and the Vatican since 2021.
The activity targeted Polish government agencies, the Ukraine Ministry of Foreign Affairs, the Italy Ministry of Foreign Affairs, and individuals within the Indian government, SentinelOne said in a report shared with The

,

The advanced persistent threat known as Winter Vivern has been linked to campaigns targeting government officials in India, Lithuania, Slovakia, and the Vatican since 2021.
The activity targeted Polish government agencies, the Ukraine Ministry of Foreign Affairs, the Italy Ministry of Foreign Affairs, and individuals within the Indian government, SentinelOne said in a report shared with The

, ,
https://thehackernews.com/2023/03/winter-vivern-apt-group-targeting.html

Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips

Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips,

Google is calling attention to a set of severe security flaws in Samsung’s Exynos chips, some of which could be exploited remotely to completely compromise a phone without requiring any user interaction.
The 18 zero-day vulnerabilities affect a wide range of Android smartphones from Samsung, Vivo, Google, wearables using the Exynos W920 chipset, and vehicles equipped with the Exynos Auto T5123

,

Google is calling attention to a set of severe security flaws in Samsung’s Exynos chips, some of which could be exploited remotely to completely compromise a phone without requiring any user interaction.
The 18 zero-day vulnerabilities affect a wide range of Android smartphones from Samsung, Vivo, Google, wearables using the Exynos W920 chipset, and vehicles equipped with the Exynos Auto T5123

, ,
https://thehackernews.com/2023/03/google-uncovers-18-severe-security.html

Google a trouvé 18 failles zero-day dans des puces Exynos de Samsung

Google a trouvé 18 failles zero-day dans des puces Exynos de Samsung,

Galaxy S22

L’équipe de chercheurs en sécurité de Google a trouvé de nombreuses vulnérabilités dans certaines puces fabriquées par Samsung. Des dizaines de modèles de smartphones Android, mais aussi des wearables et des voitures, seraient touchés par ces failles.

,

Galaxy S22

L’équipe de chercheurs en sécurité de Google a trouvé de nombreuses vulnérabilités dans certaines puces fabriquées par Samsung. Des dizaines de modèles de smartphones Android, mais aussi des wearables et des voitures, seraient touchés par ces failles.

, ,
https://www.01net.com/actualites/google-a-trouve-18-failles-zero-day-dans-des-puces-exynos-de-samsung.html

Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection

Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection,

Threat activity clusters affiliated with the Chinese and Russian cybercriminal ecosystems have been observed using a new piece of malware that’s designed to load Cobalt Strike onto infected machines.
Dubbed SILKLOADER by Finnish cybersecurity company WithSecure, the malware leverages DLL side-loading techniques to deliver commercial adversary simulation software.
The development comes as 

,

Threat activity clusters affiliated with the Chinese and Russian cybercriminal ecosystems have been observed using a new piece of malware that’s designed to load Cobalt Strike onto infected machines.
Dubbed SILKLOADER by Finnish cybersecurity company WithSecure, the malware leverages DLL side-loading techniques to deliver commercial adversary simulation software.
The development comes as 

, ,
https://thehackernews.com/2023/03/chinese-and-russian-hackers-using.html

Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration

Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration,

The cryptojacking group known as TeamTNT is suspected to be behind a previously undiscovered strain of malware used to mine Monero cryptocurrency on compromised systems.
That’s according to Cado Security, which found the sample after Sysdig detailed a sophisticated attack known as SCARLETEEL aimed at containerized environments to ultimately steal proprietary data and software.
Specifically, the

,

The cryptojacking group known as TeamTNT is suspected to be behind a previously undiscovered strain of malware used to mine Monero cryptocurrency on compromised systems.
That’s according to Cado Security, which found the sample after Sysdig detailed a sophisticated attack known as SCARLETEEL aimed at containerized environments to ultimately steal proprietary data and software.
Specifically, the

, ,
https://thehackernews.com/2023/03/cryptojacking-group-teamtnt-suspected.html