🔒🐱 Intrigued by the latest cybersecurity scoop? Hold onto your seats, tech gurus! 🚀 It seems that even our feline friends aren't safe from sneaky cybercriminals. Sophos researchers recently uncovered a clever tactic by GootLoader malware operators that will make you do a double-take. 🧐 #ainews #automatorsolutions 🌐 Imagine this: you innocently Google Are Bengal Cats legal in Australia? and BAM! You're hit with a malware payload instead of cute kitty pics. Who knew cyberattacks could be so... catty? 🐾 🕵️♂️ What can we learn from this crafty scheme? Let's dig deeper, folks: - 🐱 **Tailored Attacks**: Gone are the days of generic spam emails. Attackers are now customizing campaigns based on YOUR interests. Sneaky, huh? - 🔍 **Search Engine Exploits**: Your innocent queries could lead you straight into a hacker's trap. Stay vigilant, my friends. - 💡 **Smokescreen Tactics**: Using obscure topics as a decoy, cybercriminals are upping their game. It's like a high-tech magic show, but with malware. 🔮 So, what's next for the cybersecurity realm? My prediction? We're in for a wild ride, folks! Keep your cyber-shields up, stay updated, and never underestimate the creative minds of hackers. 🛡️✨ 💬 Let's hear your thoughts, tech experts! How can we outsmart these sneaky cyber magicians? Share your insights and let's crack this case wide open! 🕵️♀️💬 #CyberSecurityAINews ----- Original Publish Date: 2024-11-12 03:57
Automated News - Automator Solutions’ Post
More Relevant Posts
-
Senior Manager - Product Security| Cloud Security | Application Security | Technical Product Management | Business Risk
In an unusually specific campaign, users searching about the legality of Bengal Cats in Australia are being targeted with the GootLoader malware. "In this case, we found the GootLoader actors using search results for information about a particular cat and a particular geography being used to deliver the payload: 'Are Bengal Cats legal in Australia?,'" Sophos researchers Trang Tang, Hikaru Koike, Asha Castle, and Sean Gallagher said in a report published last week. GootLoader, as the name implies, is a malware loader that's typically distributed using search engine optimization (SEO) poisoning tactics for initial access. Stay connected to Aashay Gupta, CISM, GCP for content related to Cybersecurity. #LinkedIn #Cybersecurity #Cloudsecurity #AWS #GoogleCloud #Trends #informationprotection #Cyberthreats #CEH #ethicalhacker #hacking #cloudsecurity #productmanagement #cybersecurity #appsec #devsecops
-
Hackers were reportedly able to modify several Chrome extensions with malicious code this month after gaining access to admin accounts through a phishing campaign. The cybersecurity company Cyberhaven shared in a <a href="https://lnkd.in/gks4JaVc">blog post</a> this weekend that its Chrome extension was compromised on December 24 in an attack that appeared to be “targeting logins to specific social media advertising and AI platforms.” A few other extensions were hit as well, going back to mid-December, <a href="https://lnkd.in/d7Qg-5Pr">Reuters</a> reported. According to Nudge Security’s <a href="https://lnkd.in/gVKyybim">Jaime Blasco</a>, that includes ParrotTalks, Uvoice and VPNCity. Cyberhaven notified its customers on December 26 in an email seen by <a href="https://lnkd.in/g5XKzuJR">TechCrunch</a>, which advised them to revoke and rotate their passwords and other credentials. The company’s initial investigation of the incident found that the malicious extension targeted Facebook Ads users, with a goal of stealing data such as access tokens, user IDs and other account information, along with cookies. The code also added a mouse click listener. “After successfully sending all the data to the [Command & Control] server, the Facebook user ID is saved to browser storage,” Cyberhaven said in its analysis. “That user ID is then used in mouse click events to help attackers with 2FA on their side if that was needed.” Cyberhaven said it first detected the breach on December 25 and was able to remove the malicious version of the extension within an hour. It’s since pushed out a clean version. This article originally appeared on Engadget at https://lnkd.in/gNB5-Kqa
-
Hackers were reportedly able to modify several Chrome extensions with malicious code this month after gaining access to admin accounts through a phishing campaign. The cybersecurity company Cyberhaven shared in a <a href="https://lnkd.in/gks4JaVc">blog post</a> this weekend that its Chrome extension was compromised on December 24 in an attack that appeared to be “targeting logins to specific social media advertising and AI platforms.” A few other extensions were hit as well, going back to mid-December, <a href="https://lnkd.in/d7Qg-5Pr">Reuters</a> reported. According to Nudge Security’s <a href="https://lnkd.in/gVKyybim">Jaime Blasco</a>, that includes ParrotTalks, Uvoice and VPNCity. Cyberhaven notified its customers on December 26 in an email seen by <a href="https://lnkd.in/g5XKzuJR">TechCrunch</a>, which advised them to revoke and rotate their passwords and other credentials. The company’s initial investigation of the incident found that the malicious extension targeted Facebook Ads users, with a goal of stealing data such as access tokens, user IDs and other account information, along with cookies. The code also added a mouse click listener. “After successfully sending all the data to the [Command & Control] server, the Facebook user ID is saved to browser storage,” Cyberhaven said in its analysis. “That user ID is then used in mouse click events to help attackers with 2FA on their side if that was needed.” Cyberhaven said it first detected the breach on December 25 and was able to remove the malicious version of the extension within an hour. It’s since pushed out a clean version. This article originally appeared on Engadget at https://lnkd.in/gNB5-Kqa
-
🚀Vice President - Cyber Sec & AI Audits@ JP Morgan | 🏆 9x Globally Awarded🎖️ CyberSecurity & Resiliency Risk Specialist |📖33 Researches |🔖3 Patents |🎗️13 Fellowships |📚18 Magazine Publications |✍️Authored 2 Books
🎯In an unusually specific campaign, users searching about the legality of Bengal Cats in Australia are being targeted with the GootLoader malware. "In this case, we found the GootLoader actors using search results for information about a particular cat and a particular geography being used to deliver the payload: 'Are Bengal Cats legal in Australia?,'" Sophos researchers Trang Tang, Hikaru Koike, Asha Castle, and Sean Gallagher said in a report published last week. GootLoader, as the name implies, is a malware loader that's typically distributed using search engine optimization (SEO) poisoning tactics for initial access. 🔔 Stay connected for industry’s latest content – Follow Dr. Anil Lamba, CISSP #linkedin #teamamex #JPMorganChase #cybersecurity #technologycontrols #infosec #informationsecurity #GenAi #linkedintopvoices #cybersecurityawareness #innovation #techindustry #cyber #birminghamtech #cybersecurity #fintech #careerintech #handsworth #communitysupport #womenintech #technology #security #cloud #infosec #riskassessment #informationsecurity #auditmanagement #informationprotection #securityaudit #cyberrisks #cybersecurity #security #cloudsecurity #trends #grc #leadership #socialmedia #digitization #cyberrisk #education #Hacking #privacy #datasecurity #passwordmanagement #identitytheft #phishingemails #holidayseason #bankfraud #personalinformation #creditfraud
-
Hackers were reportedly able to modify several Chrome extensions with malicious code this month after gaining access to admin accounts through a phishing campaign. The cybersecurity company Cyberhaven shared in a <a href="https://lnkd.in/gks4JaVc">blog post</a> this weekend that its Chrome extension was compromised on December 24 in an attack that appeared to be “targeting logins to specific social media advertising and AI platforms.” A few other extensions were hit as well, going back to mid-December, <a href="https://lnkd.in/d7Qg-5Pr">Reuters</a> reported. According to Nudge Security’s <a href="https://lnkd.in/gVKyybim">Jaime Blasco</a>, that includes ParrotTalks, Uvoice and VPNCity. Cyberhaven notified its customers on December 26 in an email seen by <a href="https://lnkd.in/g5XKzuJR">TechCrunch</a>, which advised them to revoke and rotate their passwords and other credentials. The company’s initial investigation of the incident found that the malicious extension targeted Facebook Ads users, with a goal of stealing data such as access tokens, user IDs and other account information, along with cookies. The code also added a mouse click listener. “After successfully sending all the data to the [Command & Control] server, the Facebook user ID is saved to browser storage,” Cyberhaven said in its analysis. “That user ID is then used in mouse click events to help attackers with 2FA on their side if that was needed.” Cyberhaven said it first detected the breach on December 25 and was able to remove the malicious version of the extension within an hour. It’s since pushed out a clean version. This article originally appeared on Engadget at https://lnkd.in/gNB5-Kqa
-
Hackers were reportedly able to modify several Chrome extensions with malicious code this month after gaining access to admin accounts through a phishing campaign. The cybersecurity company Cyberhaven shared in a <a href="https://lnkd.in/gks4JaVc">blog post</a> this weekend that its Chrome extension was compromised on December 24 in an attack that appeared to be “targeting logins to specific social media advertising and AI platforms.” A few other extensions were hit as well, going back to mid-December, <a href="https://lnkd.in/d7Qg-5Pr">Reuters</a> reported. According to Nudge Security’s <a href="https://lnkd.in/gVKyybim">Jaime Blasco</a>, that includes ParrotTalks, Uvoice and VPNCity. Cyberhaven notified its customers on December 26 in an email seen by <a href="https://lnkd.in/g5XKzuJR">TechCrunch</a>, which advised them to revoke and rotate their passwords and other credentials. The company’s initial investigation of the incident found that the malicious extension targeted Facebook Ads users, with a goal of stealing data such as access tokens, user IDs and other account information, along with cookies. The code also added a mouse click listener. “After successfully sending all the data to the [Command & Control] server, the Facebook user ID is saved to browser storage,” Cyberhaven said in its analysis. “That user ID is then used in mouse click events to help attackers with 2FA on their side if that was needed.” Cyberhaven said it first detected the breach on December 25 and was able to remove the malicious version of the extension within an hour. It’s since pushed out a clean version. This article originally appeared on Engadget at https://lnkd.in/gNB5-Kqa
-
Disaster Risk Reduction & Relief Operations & Community Involvement for Climate Change and Circular Economy| Peace, Poverty & Hunger Alleviation, Environmental Compliance
Hackers were reportedly able to modify several Chrome extensions with malicious code this month after gaining access to admin accounts through a phishing campaign. The cybersecurity company Cyberhaven shared in a <a href="https://lnkd.in/gtSr6Hrw">blog post</a> this weekend that its Chrome extension was compromised on December 24 in an attack that appeared to be “targeting logins to specific social media advertising and AI platforms.” A few other extensions were hit as well, going back to mid-December, <a href="https://lnkd.in/gcYChJ35">Reuters</a> reported. According to Nudge Security’s <a href="https://lnkd.in/g_yvmjBT">Jaime Blasco</a>, that includes ParrotTalks, Uvoice and VPNCity. Cyberhaven notified its customers on December 26 in an email seen by <a href="https://lnkd.in/guYnJaP5">TechCrunch</a>, which advised them to revoke and rotate their passwords and other credentials. The company’s initial investigation of the incident found that the malicious extension targeted Facebook Ads users, with a goal of stealing data such as access tokens, user IDs and other account information, along with cookies. The code also added a mouse click listener. “After successfully sending all the data to the [Command & Control] server, the Facebook user ID is saved to browser storage,” Cyberhaven said in its analysis. “That user ID is then used in mouse click events to help attackers with 2FA on their side if that was needed.” Cyberhaven said it first detected the breach on December 25 and was able to remove the malicious version of the extension within an hour. It’s since pushed out a clean version. This article originally appeared on Engadget at https://lnkd.in/gXKwQtHF
-
Hackers were reportedly able to modify several Chrome extensions with malicious code this month after gaining access to admin accounts through a phishing campaign. The cybersecurity company Cyberhaven shared in a <a href="https://lnkd.in/gks4JaVc">blog post</a> this weekend that its Chrome extension was compromised on December 24 in an attack that appeared to be “targeting logins to specific social media advertising and AI platforms.” A few other extensions were hit as well, going back to mid-December, <a href="https://lnkd.in/d7Qg-5Pr">Reuters</a> reported. According to Nudge Security’s <a href="https://lnkd.in/gVKyybim">Jaime Blasco</a>, that includes ParrotTalks, Uvoice and VPNCity. Cyberhaven notified its customers on December 26 in an email seen by <a href="https://lnkd.in/g5XKzuJR">TechCrunch</a>, which advised them to revoke and rotate their passwords and other credentials. The company’s initial investigation of the incident found that the malicious extension targeted Facebook Ads users, with a goal of stealing data such as access tokens, user IDs and other account information, along with cookies. The code also added a mouse click listener. “After successfully sending all the data to the [Command & Control] server, the Facebook user ID is saved to browser storage,” Cyberhaven said in its analysis. “That user ID is then used in mouse click events to help attackers with 2FA on their side if that was needed.” Cyberhaven said it first detected the breach on December 25 and was able to remove the malicious version of the extension within an hour. It’s since pushed out a clean version. This article originally appeared on Engadget at https://lnkd.in/gNB5-Kqa
-
Disaster Risk Reduction & Relief Operations & Community Involvement for Climate Change and Circular Economy| Peace, Poverty & Hunger Alleviation, Environmental Compliance
Hackers were reportedly able to modify several Chrome extensions with malicious code this month after gaining access to admin accounts through a phishing campaign. The cybersecurity company Cyberhaven shared in a <a href="https://lnkd.in/gtSr6Hrw">blog post</a> this weekend that its Chrome extension was compromised on December 24 in an attack that appeared to be “targeting logins to specific social media advertising and AI platforms.” A few other extensions were hit as well, going back to mid-December, <a href="https://lnkd.in/gcYChJ35">Reuters</a> reported. According to Nudge Security’s <a href="https://lnkd.in/g_yvmjBT">Jaime Blasco</a>, that includes ParrotTalks, Uvoice and VPNCity. Cyberhaven notified its customers on December 26 in an email seen by <a href="https://lnkd.in/guYnJaP5">TechCrunch</a>, which advised them to revoke and rotate their passwords and other credentials. The company’s initial investigation of the incident found that the malicious extension targeted Facebook Ads users, with a goal of stealing data such as access tokens, user IDs and other account information, along with cookies. The code also added a mouse click listener. “After successfully sending all the data to the [Command & Control] server, the Facebook user ID is saved to browser storage,” Cyberhaven said in its analysis. “That user ID is then used in mouse click events to help attackers with 2FA on their side if that was needed.” Cyberhaven said it first detected the breach on December 25 and was able to remove the malicious version of the extension within an hour. It’s since pushed out a clean version. This article originally appeared on Engadget at https://lnkd.in/gXKwQtHF
-
Disaster Risk Reduction & Relief Operations & Community Involvement for Climate Change and Circular Economy| Peace, Poverty & Hunger Alleviation, Environmental Compliance
Hackers were reportedly able to modify several Chrome extensions with malicious code this month after gaining access to admin accounts through a phishing campaign. The cybersecurity company Cyberhaven shared in a <a href="https://lnkd.in/gtSr6Hrw">blog post</a> this weekend that its Chrome extension was compromised on December 24 in an attack that appeared to be “targeting logins to specific social media advertising and AI platforms.” A few other extensions were hit as well, going back to mid-December, <a href="https://lnkd.in/gcYChJ35">Reuters</a> reported. According to Nudge Security’s <a href="https://lnkd.in/g_yvmjBT">Jaime Blasco</a>, that includes ParrotTalks, Uvoice and VPNCity. Cyberhaven notified its customers on December 26 in an email seen by <a href="https://lnkd.in/guYnJaP5">TechCrunch</a>, which advised them to revoke and rotate their passwords and other credentials. The company’s initial investigation of the incident found that the malicious extension targeted Facebook Ads users, with a goal of stealing data such as access tokens, user IDs and other account information, along with cookies. The code also added a mouse click listener. “After successfully sending all the data to the [Command & Control] server, the Facebook user ID is saved to browser storage,” Cyberhaven said in its analysis. “That user ID is then used in mouse click events to help attackers with 2FA on their side if that was needed.” Cyberhaven said it first detected the breach on December 25 and was able to remove the malicious version of the extension within an hour. It’s since pushed out a clean version. This article originally appeared on Engadget at https://lnkd.in/gXKwQtHF
