No recent events yet!
A new variant of Infostealer Malware with upgraded modular capabilities, known as BunnyLoader 3.0 (Player_Bunny), has been discovered in the wild, posing a serious threat due to its enhanced capabilities for stealing information, credentials, digital currency, and delivering additional malware payloads. The third version of the information-stealing malware-as-a-service threat has more data theft modules, stronger keylogging features, smaller payloads, and improved stealth. Aside from its unique denial-of-service capabilities, BunnyLoader 3.0 has separate binaries for modules involved in DoS, keylogging, clipping, and data exfiltration. This emphasizes the need of putting safeguards in place to prevent this threat.
Security researchers have revealed a new tactics deployed by cyber criminals to hack Windows systems. The elaborate attack campaign nicknamed DEEP#GOSU, is likely associated with the group tracked as Kimsuky. This campaign is an eight-stage attack chain that employs the use of PowerShell and VBScript malware to infect Windows systems and harvest sensitive information, with implications for data and financial losses. Users of Windows system are therefore advised to take proactive steps provided herein to mitigate the threats.
Recent security updates revealed the existence of two exploited zero-day vulnerabilities and six serious vulnerabilities in various Microsoft products. According to reports, these vulnerabilities could allow attackers to circumvent security measures, gain unauthorised access, and execute malicious code on vulnerable computers, resulting in additional attacks. As a result, Microsoft has released new security patches to fix the weaknesses, which include five critical vulnerabilities and numerous more. In light of the foregoing, users are encouraged to take immediate action to mitigate the threats.
Security researchers discovered three high-severity vulnerabilities in the Google Chrome browser (CVE-2024-1060, CVE-2024-1059, and CVE-2024-1077). According to reports, the vulnerabilities might allow threat actors to remotely exploit Chrome, potentially executing arbitrary code, stealing sensitive user data, or causing system crashes. Meanwhile, Google has released new security updates to address many vulnerabilities in its Chrome browser. Nonetheless, users must take proper actions to mitigate dangers.
Chameleon, a rapidly evolving Android banking Trojans, has been discovered to be targeting Android users globally. The new Android malware type has the potential to bypass any biometric authentication, steal sensitive information such as login credentials and credit card information, and conduct fraudulent operations via banking applications. Chameleon's ability to disable biometric security measures such as fingerprint and facial unlock makes it more dangerous, with disastrous consequences for Android banking users. This highlights the importance for Android phone owners to take the required precautions to mitigate the aforementioned threat.
