New Mockingjay process injection technique evades EDR detection
A new process injection technique named ‘Mockingjay’ could allow threat actors to bypass EDR (Endpoint Detection and Response) and other security products to stealthily execute…
Category: Bleeping Computer
Grafana warns of critical auth bypass due to Azure AD integration
Grafana has released security fixes for multiple versions of its application, addressing a vulnerability that enables attackers to bypass authentication and take over any Grafana…
Trojanized Super Mario game used to install Windows malware
A trojanized installer for the popular Super Mario 3: Mario Forever game for Windows has been infecting unsuspecting players with multiple malware infections. Super Mario 3: Mario…
New PindOS JavaScript dropper deploys Bumblebee, IcedID malware
Security researchers discovered a new malicious tool they named PindOS that delivers the Bumblebee and IcedID malware typically associated with ransomware attacks. PindOS is a…
Anatsa Android trojan now steals banking info from users in US, UK
A new mobile malware campaign since March 2023 pushes the Android banking trojan ‘Anatsa’ to online banking customers in the U.S., the U.K., Germany, Austria,…
Windows 11 is getting a built-in passkey manager for Windows Hello
Microsoft is expanding support for passkeys in Windows 11 to make it more secure to log into websites and apps using biometric authentication. Passkeys are…
Suncor Energy cyberattack impacts Petro-Canada gas stations
Petro-Canada gas stations across Canada are impacted by technical problems preventing customers from paying with credit card or rewards points as its parent company, Suncor…
Hackers steal data of 45,000 New York City students in MOVEit breach
The New York City Department of Education (NYC DOE) says hackers stole documents containing the sensitive personal information of up to 45,000 students from its…
Dark Web Forums vs. Illicit Telegram Communities
The proliferation of cybercrime on the internet has given rise to thousands of criminal communities. These corners of the internet, often dominated by malicious actors,…
Man charged in US for running ‘Monopoly’ darknet drug market
A 33-year-old man from Serbia has been extradited from Austria to the United States to face charges of running a criminal darknet narcotics marketplace called…
LastPass users furious after being locked out due to MFA resets
LastPass password manager users have been experiencing significant login issues starting early May after being prompted to reset their authenticator apps. The company first announced…
The Week in Ransomware – June 23rd 2023
It was a relatively quiet week regarding ransomware news, with the BlackCat ransomware gang extorting Reddit and the ongoing MOVEit Transfer data breaches being the…