Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

New UULoader Malware Distributes Gh0st RAT and Mimikatz in East Asia

A new type of malware called UULoader is being used by threat actors to deliver next-stage payloads like Gh0st RAT and Mimikatz. The Cyberint Research Team, which discovered the malware, said it's distributed in the form of malicious installers for legitimate applications targeting Korean and Chinese speakers. There is evidence pointing to UULoader being the work of a Chinese speaker due to the

The Hacker News
Open in Source
#web#windows#google#microsoft#git#intel#chrome#The Hacker News
How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions

An adversary could exploit these vulnerabilities by injecting malicious libraries into Microsoft's applications to gain their entitlements and user-granted permissions.

A week in security (August 12 – August 18)

A list of topics we covered in the week of August 12 to August 18 of 2024

Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group

A newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with North Korea. The security vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), has been described as a privilege escalation bug in the Windows Ancillary Function Driver (AFD.sys) for WinSock. "An attacker who successfully exploited this

OpenAI Blocks Iranian Influence Operation Using ChatGPT for U.S. Election Propaganda

OpenAI on Friday said it banned a set of accounts linked to what it said was an Iranian covert influence operation that leveraged ChatGPT to generate content that, among other things, focused on the upcoming U.S. presidential election. "This week we identified and took down a cluster of ChatGPT accounts that were generating content for a covert Iranian influence operation identified as

Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics

Chinese-speaking users are the target of an ongoing campaign that distributes malware known as ValleyRAT. "ValleyRAT is a multi-stage malware that utilizes diverse techniques to monitor and control its victims and deploy arbitrary plugins to cause further damage," Fortinet FortiGuard Labs researchers Eduardo Altares and Joie Salvio said. "Another noteworthy characteristic of this malware is its

New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems

Cybersecurity researchers have uncovered new stealer malware that's designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it's offered for sale in the cybercrime underground for a steep price of $3,000 a month and works across both x86_64 and ARM64 architectures.  "Banshee Stealer targets a wide range of browsers, cryptocurrency wallets, and around 100 browser

Dozens of Google products targeted by scammers via malicious search ads

In a clever scheme designed to abuse Google in more than one way, scammers are redirecting users to browser locks.

AI, election security headline discussions at Black Hat and DEF CON

Voting Village co-founder Harri Hursti told Politico the list of vulnerabilities ran “multiple pages.”

Ubuntu Security Notice USN-6951-2

Ubuntu Security Notice 6951-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.