Hackerzhome

Cybersecurity news all over the world

HACKERZHOME NEWS

March 14, 2023

Tuesday

Microsoft Warns of Widespread Use of Phishing Kits to Send Millions of Emails Daily

Because of their capacity to orchestrate large-scale attacks, open-source adversary-in-the-middle (AiTM) phishing kits have attracted many adopters in the cybercrime world.

Microsoft Threat Intelligence is tracking the threat actor that created the kit under the emerging alias DEV-1101.

In a typical AiTM phishing attack, a threat actor places a proxy server between the user and the website to intercept and collect the target’s password and session cookies.

These attacks are increasingly successful because they can overcome multi-factor authentication (MFA) security measures.

According to the tech giant, DEV-1101 is the person or entity behind several phishing kits that other criminal actors can buy or rent, reducing the effort and resources needed to conduct a phishing campaign.

Another risk of the service-based economy that underpins such offerings is double theft, which can occur when the stolen credentials are provided to both the phishing-as-a-service provider and their clients.


With the help of the open source kit from DEV-1101, it is possible to create phishing landing pages that imitate Microsoft Office and Outlook, administer campaigns from mobile devices, and even employ CAPTCHA checks to avoid detection.

Game developer for STALKER 2 attacked by Russian hacktivists; data stolen

The highly anticipated video game “STALKER 2: Heart of Chornobyl” was created by GSC Game World. GSC Game World announced that their systems had been compromised, allowing threat actors to grab game assets during the attack.

The attackers are threatening to use the information they have obtained to intimidate and blackmail people.

Our data, including personal information, has already been breached and leaked. We’ve been experiencing persistent incursions for more than a year now.

This, according to GSC Game World, is just one of the numerous hacks, cyber aggression, and extortion attempts that have been made against the company in the last year in an effort to obstruct game production and damage its reputation.

The hackers claimed to have stolen a “huge quantity of STALKER 2 content,” including the complete plot, cutscene descriptions, concept art, world maps, and more, in a message posted on the Russian social media site VK.

A few of those have already been made public as examples to back up the claims of data breaches, but most have been kept secret to extort the game publisher.

In the Euler Finance attack, hackers stole $197 million in cryptocurrency.

On Sunday, a threat actor stole $197 million in various digital assets in a cryptocurrency flash loan attack on the lending platform Euler Finance.

The stolen cryptocurrencies included DAI worth $8.75 million, WBTC worth $18.5 million, USDC worth $33.85 million, and starting around $135.8 million.

Elliptic notes that the threat actors are already using the authorized cryptocurrency mixer Tornado Cash to launder the money.

The UK-based startup Euler Labs, which created Euler Finance, issued a brief statement on Twitter stating that they are currently speaking with security experts and law enforcement authorities and will provide more details as soon as they are prepared.

Flash loan attacks take advantage of a flaw in a lending protocol to take out a sizable loan without having to pay it back to the service.

In order to make a significant profit when the deal is finished, the attackers employ an exploit that enables them to control the price of a token or asset on the platform during the brief seconds that they retain the lent amount.

Threat actors used a similar flash loan attack to target the Beanstalk DeFi platform in April 2022, stealing $182 million worth of assets.

According to the blockchain security and analytics firm PeckShield, the attack on Euler was made feasible by flawed logic in its donation and liquidation system.

On iOS and Android, the Outlook app will include Microsoft 365 MFA.

By integrating MFA features into the Outlook email client, Microsoft will soon accelerate the adoption of MFA for its Microsoft 365 cloud productivity platform.

Users will be able to respond to MFA requests for Microsoft 365 apps right in the Outlook app thanks to a new feature called Authenticator Lite, the company says in a new Microsoft 365 roadmap article.

Users will be able to access their work or school accounts via Outlook with an additional degree of security if they use Authenticator Lite.

The feature will be accessible through the Outlook mobile apps for iOS and Android devices, and after entering their password, users will probably need to enter a code or approve a notification.

Microsoft’s action might increase the use of MFA among Microsoft 365 users, given that Outlook has a much larger user base than Microsoft’s Authenticator app.

The Outlook app has more than 500 million downloads and 5.5 million reviews on iOS, compared to the Authenticator app’s 50 million Android downloads and 233,100 iOS reviews.

CISA has started to alert critical infrastructure to ransomware-prone devices.

A new pilot program has been introduced by the U.S. Cybersecurity & Infrastructure Security Agency (CISA) to assist critical infrastructure organizations in defending their information systems against ransomware assaults.

Through the Ransomware Vulnerability Warning Pilot (RVWP), which began on January 30, 2023, CISA is launching a new initiative to alert critical infrastructure institutions that their systems have exposed vulnerabilities that could be exploited by ransomware threat actors.

The newly launched Ransomware Vulnerability Warning Pilot (RVWP) program from CISA has two objectives: to scan the networks of critical infrastructure entities for Internet-exposed systems with vulnerabilities that ransomware attackers frequently use to breach networks and to assist vulnerable organizations in patching the flaws before they are hacked.

This is part of a larger initiative to combat the growing ransomware threat, which began almost two years ago after a flurry of cyberattacks on key infrastructure companies and U.S. government institutions, beginning with ransomware attacks on the networks of Colonial Pipeline, JBS Foods, and Kaseya.

In June 2021, the organization made available the Ransomware Readiness Assessment (RRA), a new feature for its Cyber Security Evaluation Tool (CSET).
