#intel

Threat actors associated with the Vice Society ransomware gang have been observed using a bespoke PowerShell-based tool to fly under the radar and automate the process of exfiltrating data from compromised networks. "Threat actors (TAs) using built-in data exfiltration methods like [living off the land binaries and scripts] negate the need to bring in external tools that might be flagged by

A novel credential-stealing malware called Zaraza bot is being offered for sale on Telegram while also using the popular messaging service as a command-and-control (C2). "Zaraza bot targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular with threat actors," cybersecurity company Uptycs said in a report published last week. "Once the

Categories: News Categories: Scams Tags: IRS tax scam Tags: tax scam Tags: IRS Tags: Jerome Segura Tags: Telegram bot Tags: Emotet Expect more IRS tax-related shenanigans from fraudsters, who are now going for corporate accounts, after some states received deadline extensions. (Read more...) The post Beware: Fake IRS tax email wants your Microsoft account appeared first on Malwarebytes Labs.

In OpenBMC 2.9, crafted IPMI messages allow an attacker to cause a denial of service to the BMC via the netipmid (IPMI lan+) interface.

Plus: Hackers claim to have stolen 10 TB from Western Digital, a new spyware has emerged, and WhatsApp gets a fresh security feature.

Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been

The threat group behind the SolarWinds supply chain attacks is back with new tools for spying on officials in NATO countries and Africa.

The Russia-linked APT29 (aka Cozy Bear) threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. According to Poland's Military Counterintelligence Service and the CERT Polska team, the observed activity shares tactical overlaps with a cluster tracked by Microsoft as

Categories: News Tags: kidnap Tags: scam Tags: virtual Tags: AI Tags: voice Tags: fake Tags: fraud Tags: hoax Tags: kidnapping We take a look at claims that AI is now being used for a notorious form of kidnapping hoax. (Read more...) The post Is AI being used for virtual kidnapping scams? appeared first on Malwarebytes Labs.

Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company's MyBB forum database containing user data and private messages. What's more, the unknown threat actors attempted to sell the data dump comprising 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace. "MyBB admin logs show the account of a trusted but currently