Security News

New TetrisPhantom hackers steal data from secure USB drives on govt systems
2023-10-22 15:18

A new sophisticated threat tracked as 'TetrisPhantom' has been using compromised secure USB drives to target government systems in the Asia-Pacific region. Secure USB drives store files in an encrypted part of the device and are used to safely transfer data between systems, including those in an air-gapped environment.

Chaes malware now uses Google Chrome DevTools Protocol to steal data
2023-09-05 17:01

The Chaes malware has returned as a new, more advanced variant that includes a custom implementation of the Google DevTools protocol for direct access to the victim's browser functions, allowing it to steal data using WebSockets. A new feature that stands out is Chaes' use of the Chrome DevTools Protocol to steal data from the web browser, including the real-time modification of web pages, execution of JavaScript code, debugging, network request management, memory management, cookie and cache management, and more.

Florida Man and associates indicted for conspiracy to steal data, software
2023-08-15 06:58

Authorities in the US state of Georgia have indicted a famous Floridian and his loyal associates on counts including theft of data, software, and personal information. The celebrity defendant, a 77-year-old whose career has spanned real estate development, reality television, wagering, and a four-year term as president of the United States, was one of 19 people named in a 91-page indictment that lists 41 counts and details a "a conspiracy to unlawfully change the outcome of the election."

Hackers steal data of 45,000 New York City students in MOVEit breach
2023-06-26 16:15

The New York City Department of Education says hackers stole documents containing the sensitive personal information of up to 45,000 students from its MOVEit Transfer server.The Clop ransomware gang has claimed responsibility for the CVE-2023-34362 MOVEit Transfer attacks on June 5 in a statement shared with BleepingComputer, with the cybercrime gang saying it breached the MOVEit servers of "Hundreds of companies."

Barracuda zero-day abused since 2022 to drop new malware, steal data
2023-05-30 20:25

Network and email security firm Barracuda today revealed that a recently patched zero-day vulnerability had been exploited for at least seven months to backdoor customers' Email Security Gateway appliances with custom malware and steal data. The company says an ongoing investigation found that the bug was first exploited in October 2022 to gain access to "a subset of ESG appliances" and deploy backdoors designed to provide the attackers with persistent access to the compromised systems.

Hot Pixels attack checks CPU temp, power changes to steal data
2023-05-27 14:08

A team of researchers at Georgia Tech, the University of Michigan, and Ruhr University Bochum have developed a novel attack called "Hot Pixels," which can retrieve pixels from the content displayed in the target's browser and infer the navigation history. Next, the team experimented with data-dependent leakage channels on discreet and integrated GPUs, including Apple's M1 and M2, AMD Radeon RX 6600, Nvidia GeForce RTX 3060, and Intel Iris Xe. The researchers performed a detailed investigation and characterization of how different processing behaviors could impact observable factors like power consumption, temperature, and frequency and used this data as a foundation to evaluate the "Hot Pixels" attack.

North Korean hackers breached major hospital in Seoul to steal data
2023-05-10 21:16

The Korean National Police Agency warned that North Korean hackers had breached the network of one of the country's largest hospitals, Seoul National University Hospital, to steal sensitive medical information and personal details. The intrusion techniques observed in the attacks, the IP addresses that have been independently linked to North Korean threat actors, the website registration details, the use of specific language and North Korean vocabulary.

Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
2023-03-24 13:40

A malicious Python package on the Python Package Index repository has been found to use Unicode as a trick to evade detection and deploy an info-stealing malware. The package in question, named onyxproxy, was uploaded to PyPI on March 15, 2023, and comes with capabilities to harvest and exfiltrate credentials and other valuable data.

Unknown actors deploy malware to steal data in occupied regions of Ukraine
2023-03-22 07:32

A cyber espionage campaign targeting organizations in Russian-occupied regions of Ukraine is using novel malware to steal data, according to Russia-based infosec software vendor Kaspersky. In a report published Tuesday, Kaspersky researchers detailed the infections, which use a PowerShell-based backdoor they've named "PowerMagic" and a previously unknown framework dubbed "CommonMagic" that can steal files from USB devices, take screenshots every three seconds, and send all of this data back to the attacker.

Hackers use new PowerMagic and CommonMagic malware to steal data
2023-03-21 20:33

Security researchers have discovered attacks from an advanced threat actor that used "a previously unseen malicious framework" called CommonMagic and a new backdoor called PowerMagic. Researchers at cybersecurity company Kaspersky say that the hackers are interested in collecting data from victims in Donetsk, Lugansk, and Crimea.