The malware is dubbed CrypBot is essentially an information stealer that can obtain credentials for cryptocurrency wallets, browsers, credit cards, browser cookies, and capture screenshots from compromised devices. Cybersecurity solutions…
Tag: Firefox
Mozilla properly fuzzed NSS and still ended up with a simple memory corruption hole
When it comes to fuzzing, Mozilla has plenty of cred, and has been doing so for some time, and yet, its prized Network Security Services (NSS) library was busted by…
Yanluowang Ransomware Tied to Thieflock Threat Actor
Links between the tactics and tools demonstrated in attacks suggest a former affiliate has switched loyalties, according to new research. A threat actor previously tied to the Thieflock ransomware operation…
Microsoft MSHTML flaw exploited in Gmail and Instagram phishing scam
The attacks started in July 2021 in which threat actors exploited Microsoft MSHTML vulnerability to target overseas Iranians. SafeBreach Labs researchers discovered a new Iranian threat actor trying to steal…
Mozilla ends support for Firefox Lockwise password management app, strands iOS users
Farewell, sweet prince. Image: Mozilla Mozilla has emailed its Lockwise users to inform them that on December 13, it will be ending support for its Lockwise password management app. Lockwise…
Ransomware Phishing Emails Sneak Through SEGs
The MICROP ransomware spreads via Google Drive and locally stored passwords. Secure email gateway (SEG) protections aren’t necessarily enough to stop phishing emails from delivering ransomware to employees, especially if…
A full analysis of the BlackMatter ransomware
BlackMatter is the name given the most recent ransomware in the wild and equipped with the tools and techniques from DarkSide, REvil and LockBit 2.0 ransomware families. BlackMatter is a…
Magecart Credit Card Skimmer Avoids VMs to Fly Under the Radar
The Magecart threat actor uses a browser script to evade detection by researchers and sandboxes so it targets only victims’ machines to steal credentials and personal info. A new Magecart…
New malware lures fake Chrome update to attack Windows PCs
The prime target of this malware campaign is unsuspecting users on Windows 10. Rapid7 Managed Detection and Response team has shared details of their newly identified malware campaign, urging unsuspecting…
Snake Malware Used in Multiple Campaigns
The Snake password-stealing trojan that has been functioning since November 2020 is becoming increasingly prevalent among cybercriminals, becoming one of the most often exploited malware families in cyberattacks. A Look…