By Matt L. Hall Hackers have again created havoc with the Internet Archive and its Wayback Machine, just one day after the site reported it had been restored. While Archive-It and the Internet Archive blog are still up, currently, the rest of IA’s services are seemingly unavailable. That means if you’re an avid user of the digital library, expect the platform to be down until further notice. It’s frustrating, and unfortunately, […]
By Sergiu Gatlan: Google announced a new Chrome security feature called ‘Device Bound Session Credentials’ that ties cookies to a specific device, blocking hackers from stealing and using them to hijack users’ accounts. Cookies are files that websites use to remember your browsing information and preferences and automatically log you into a service or website. These cookies are created after you log into a service and verify multi-factor authentications, allowing […]
ByGuru Baran: The AhnLab Security Intelligence Center (ASEC) has detected a sophisticated cyberattack targeting users of the popular text and code editor, Notepad++. Hackers have successfully manipulated a default plugin within the Notepad++ package, potentially compromising the security of countless systems. The plugin in question, “mimeTools.dll,” is a standard component of Notepad++ that provides encoding functionalities, such as Base64. It is automatically included and loaded when Notepad++ is run, which the […]
By Balaji A new phishing campaign targets users with emails containing a button to “verify payment information.” Clicking the button triggers the download of a malicious JAR file (disguised as an invoice) that leverages a PowerShell command to download two additional JARs. The JARs deploy the STRRAT and VCURMS RATs, granting attackers remote access and keylogging capabilities and credential theft from browsers, applications, Discord, Steam, etc. In contrast, VCURMS can […]
ByBalaji: A new tool, GEOBOX, was advertised on the Dark Web that utilizes Raspberry Pi devices for fraud and anonymization, allowing users to spoof GPS locations, emulate network settings, mimic Wi-Fi access points, and bypass anti-fraud filters. Criminals were using multiple GEOBOX devices as proxies to enhance anonymity during an online banking theft investigation. Attackers are believed to utilize more custom-made or modified devices in the future, creating challenges for […]
