-
Ransomware Says Hello: Hello XD Ransomware Gets Active
The ransomware operators have released a new version featuring improved encryption.Security researchers note a surge in Hello XD malware activity. This ransomware was first discovered in November 2021. Hello XD is written in stolen Babuk ransomware source code and has been used in several double ransomware attacks. During these attacks, the attackers stole corporate data before encrypting the information on the victim's device.The malware works quite simply: it encrypts the data and appends .hello to the end of the file name. For example, sample.jpg becomes sample.jpg.hello and 1.png becomes 1.png.hello. In addition, Hello XD generates...
-
New Google Chrome extension spoofs your location
Will it be a VPN replacement?A new Google Chrome browser extension called Vytal prevents web pages from tracking a user's location, even when using a VPN.A VPN hides the device's IP address and physical location, but a website can obtain information directly from a web browser to determine the user's general geolocation using time zone and local time data. So the website can determine the country of the user and block the content. Also, the site can track general information about the visitor even when using a VPN.Recently, developer z0ccc shared a new Vytal extension...
-
Your browser stores all passwords in plain text
Unrecoverable Chromium issue allows attacker to remotely steal all passwords.According to CyberArk security researcher Zeev Ben Porat, a web browser can store confidential and credential data, as well as cookies, in clear text in memory. The flaw is found in Chromium-based browsers, including Google Chrome, Microsoft Edge, Brave, and Mozilla Firefox.Physical access to the target device is not required, as remote access is sufficient to retrieve data. Extraction can be done from any non-elevated process. According to Ze'ev Ben Porat, you can "load into memory all the passwords that are stored in the password manager."...
-
Confluence servers hit by cyber-ransomware attacks
Ransomware operators AvosLocker and Cerber2021 have exploited a recently patched vulnerability in the Atlassian Confluence Server and Data Center.Ransomware is actively exploiting a recently patched vulnerability in Atlassian Confluence Server and Data Center products to gain initial access to corporate networks.Successful exploitation of the vulnerability (CVE-2022-26134) allows an unauthorized attacker to remotely take control of an affected server by creating new administrator accounts and executing arbitrary code. The vulnerability was fixed at the beginning of this month, and by that time it had already been exploited by hackers. After some time, an accessible exploit was...
-
Iranian hackers attack energy companies with new backdoor
The Lyceum grouping uses a DIG.net-based DNS backdoor to intercept DNS, execute commands, and more.Iranian APT group Lyceum has armed itself with a new .NET DNS backdoor and is now attacking energy and telecommunications companies.Lyceum is a government-funded hacker group, also known as Hexane and Spilrin, that specializes in cyber espionage. It used to attack carriers in the Middle East with DNS tunneling backdoors.However, Zscaler discovered that the group has now started using a new DNS backdoor based on the DIG.net open source tool for DNS hijacking, command execution, additional payload loading, and data theft.DNS...
-
"Cocaine is cheaper!": In the US, the senator compared the prices of gasoline and drugs
US Senator John Kennedy compares cocaine and gasoline prices.US Senator John Kennedy from Louisiana jokingly commented on the sharp rise in gasoline prices in America. He stated that in his home state, fuel is so expensive that it is more profitable to buy cocaine and just run the same route."In my state, the price of gasoline is so high that it would be cheaper to buy cocaine and just run around," Kennedy said on Fox News.Thus, a representative of the Republican Party criticized US President Joe Biden for his inability to cope with rising fuel...
-
Most Common Drugs in the World (2022)
Despite strong prohibition laws in many parts of the world, many common illicit drugs are still widely used. People have a legendary and complicated relationship with drugs. Many drugs, defined as chemicals that cause changes in our physiology or psychology, are taken for medical or cultural purposes, such as caffeine, nicotine, and alcohol. But many drugs, including drugs and non-medical substances taken as drugs, are taken recreationally and can be abused. Every country and every nation has its own attitude towards drugs: some take certain substances, while others categorically avoid them.What types of common drugs...
-
The Cuba faction is back in action with an updated ransomware variant
A new ransomware variant has been discovered with additions and changes that make it even more dangerous.Cuba ransomware operators are back in action, bringing with them a new version of the ransomware.Cuba's activity peaked in 2021, when the group partnered with Hancitor malware operators to gain initial access to attacked networks. By the end of the year, she had hacked 49 critical infrastructure organizations in the US. This year, however, did not start off so impressively, with Cuba ransomware only infecting a handful of victims. However, security firm Mandiant has discovered that the group is...
-
Bonet Emotet infects Google Chrome users with infostealer
The botnet began to infect user systems with a new module for stealing bank card data.The Emotet botnet is now infecting potential victims with a malware that steals credit card information from Google Chrome user profiles. After stealing the data (name and surname of the cardholder, expiration date, number), the malware sends them to third-party C&C servers that are not related to the infostealer.“On June 6, Proofpoint experts discovered a new Emotet module delivered by the E4 botnet. To our surprise, it turned out to be an infostealer for stealing bank card data, attacking only...
-
China urged to "seize Taiwan and TSMC" if sanctions are imposed
This was stated by the chief economist of the State China Center for International Economic Exchanges.China should seize one of the leading chip factories, Taiwan's Taiwan Semiconductor Manufacturing Co. (TSMC) if the US imposes sanctions on mainland China similar to those imposed on Russia, reports Bloomberg.This opinion was expressed by Chen Wenling, Chief Economist of the State China Center for International Economic Exchanges.“If the US and the West impose destructive sanctions against China, like sanctions against Russia, we must return Taiwan,” Chen Wenling said. According to the expert, "taking over TSMC is especially important in...
