A team of academics from the CISPA Helmholtz Center for Information Security in Germany has disclosed the details of a new hardware vulnerability affecting AMD processors. The security flaw, codenamed StackWarp, can allow bad actors with privileged control over a host server to run malicious code within confidential virtual machinesRead More »New StackWarp Hardware Flaw Breaks AMD SEV-SNP Protections on Zen 1–5 CPUs
Posing as an ad blocker, the malicious extension crashes the browser to lure victims into installing malware. The post Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’ appeared first on SecurityWeek.
The compromised personal information includes names, dates of birth, Social Security numbers, and employment-related data. The post 42,000 Impacted by Ingram Micro Ransomware Attack appeared first on SecurityWeek.
Cybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web browser and trick victims into running arbitrary commands using ClickFix-like lures to deliver a previously undocumented remote access trojan (RAT) dubbed ModeloRAT.Read More »CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures
Cybersecurity researchers have disclosed a cross-site scripting (XSS) vulnerability in the web-based control panel used by operators of the StealC information stealer, allowing them to gather crucial insights on one of the threat actors using the malware in their operations. “By exploiting it, we were able to collect system fingerprints,Read More »Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations
This blog entry provides an in-depth analysis of the multistage delivery of the Evelyn information stealer, which was used in a campaign targeting software developers.
Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta. In addition, the group’s alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (Нефедов Олег Евгеньевич), has been added to the European Union’s Most Wanted and INTERPOL’s RedRead More »Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL Red Notice
Nicholas Moore pleaded guilty to repeatedly hacking the U.S. Supreme Court’s filing system and illegally accessing computer systems belonging to AmeriCorps and the Department of Veterans Affairs. The post Tennessee Man Pleads Guilty to Repeatedly Hacking Supreme Court’s Filing System appeared first on SecurityWeek.
OpenAI on Friday said it would start showing ads in ChatGPT to logged-in adult U.S. users in both the free and ChatGPT Go tiers in the coming weeks, as the artificial intelligence (AI) company expanded access to its low-cost subscription globally. “You need to know that your data and conversationsRead More »OpenAI to Show Ads in ChatGPT for Logged-In U.S. Adults on Free and Go Plans
The specifics of the Grubhub hacking remain unclear.
