InfoSec News

Fake Solana Phantom security updates push crypto-stealing malware Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. [...] via BleepingComputer (author: Lawrence Abrams)

Caffeine service lets anyone launch Microsoft 365 phishing attacks A phishing-as-a-service (PhaaS) platform named 'Caffeine' makes it easy for threat actors to launch attacks, featuring an open registration process allowing anyone to jump in and start their own phishing campaigns. [...] via BleepingComputer (author: Bill Toulas)

New Report Uncovers Emotet's Delivery and Evasion Techniques Used in Recent Attacks Threat actors associated with the notorious Emotet malware are continually shifting their tactics and command-and-control (C2) infrastructure to escape detection, according to new research from VMware. Emotet is the work of a threat actor tracked as Mummy Spider (aka TA542), emerging in June 2014 as a banking trojan before morphing into an all-purpose loader in 2016 that's capable of delivering via The Hacker News (author: noreply@blogger.com (Ravie Lakshmanan))

Hacking group POLONIUM uses ‘Creepy’ malware against Israel Security researchers reveal previously unknown malware used by the cyber espionage hacking group 'POLONIUM,' threat actors who appear to target Israeli organizations exclusively. [...] via BleepingComputer (author: Bill Toulas)

This 'thermal attack' can read your password from the heat your fingertips leave behind Researchers detail an attack technique combining thermal imaging and AI - and warn that increased access to innovative technologies will be abused by cyber criminals. via Latest stories for ZDNET in Security

Hackers Steal $100 Million Cryptocurrency from Binance Bridge BNB Chain, a blockchain linked to the Binance cryptocurrency exchange, disclosed an exploit on a cross-chain bridge that drained around $100 million in digital assets. "There was an exploit affecting the native cross-chain bridge between BNB Beacon Chain (BEP2) and BNB Smart Chain (BEP20 or BSC), known as 'BSC Token Hub,'" it said last week. "The exploit was through a sophisticated forging of via The Hacker News (author: noreply@blogger.com (Ravie Lakshmanan))

Intel Confirms Leak of Alder Lake BIOS Source Code Chipmaker Intel has confirmed that proprietary source code related to its Alder Lake CPUs has been leaked, following its release by an unknown third-party on 4chan and GitHub last week. The published content contains Unified Extensible Firmware Interface (UEFI) code for Alder Lake, the company's 12th generation processors that was originally launched in November 2021. In a statement shared with via The Hacker News (author: noreply@blogger.com (Ravie Lakshmanan))

Intel confirms leaked Alder Lake BIOS Source Code is authentic Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic and has been released by a third party. [...] via BleepingComputer (author: Lawrence Abrams)

Fake adult sites push data wipers disguised as ransomware Malicious adult websites push fake ransomware which, in reality, acts as a wiper that quietly tries to delete almost all of the data on your device. [...] via BleepingComputer (author: Bill Toulas)

ADATA denies RansomHouse cyberattack, says leaked data from 2021 breach Taiwanese chip maker ADATA denies claims of a RansomHouse cyberattack after the threat actors began posting the company's stolen files on their data leak site. [...] via BleepingComputer (author: Lawrence Abrams)