Newly identified malware, Hexon Stealer, targets browser data


Malware developments

Hexon Stealer: Emerging threat targeting browser data

Hexon Stealer is a newly identified malware that poses risks to individuals and organizations by targeting sensitive information, including browser credentials, saved passwords, cryptocurrency wallets, and gaming accounts. First identified in 2024, the stealer employs the Electron framework and NSIS installer format, enabling cross-platform compatibility and efficient distribution.

Rockstar 2FA New Phishing as a Service Threat

Rockstar 2FA is an emerging phishing kit that changed Phishing-as-a-Service (PaaS) operations by enabling large-scale, highly targeted adversary-in-the-middle (AiTM) attacks. This kit allows threat actors to bypass multifactor authentication (MFA) by intercepting user credentials and session cookies, exposing even well-protected accounts.

RomCom Exploits Firefox and Windows Zero-Days in Sophisticated Campaign

The attack begins with CVE-2024-9680, a use-after-free vulnerability in Firefox’s animation timeline feature. This flaw is exploited when victims visit a malicious webpage, allowing attackers to execute arbitrary shellcode within the browser’s sandbox.


Vulnerabilities and exploitation attempts

UEFI Bootkit Bootkitty Emerges as Linux-Specific Threat

In a significant development for the UEFI threat landscape, researchers have identified the first UEFI bootkit specifically designed for Linux systems, named Bootkitty by its creators, a group known as BlackCat. The bootkit is assessed to be a proof-of-concept (PoC) with no evidence of use in real-world attacks.

Critical and Exploited Vulnerabilities Impacting Microsoft's AI and Cloud Platforms

Microsoft recently addressed four critical vulnerabilities impacting AI, cloud services, and ERP solutions, underscoring the evolving security challenges in enterprise environments. Among these, CVE-2024-49035, an actively exploited improper access control vulnerability in the portal, has a CVSS score of 8.7. This vulnerability allows attackers to elevate privileges and gain unauthorized access, emphasizing the urgency of applying the patch.

QNAP Unveils Critical Vulnerabilities in Notes Station 3 and QuRouter

QNAP has issued a security advisory to address multiple critical vulnerabilities in Notes Station 3 and QuRouter. QNAP specializes in network-attached storage (NAS) devices, which allow users to store, manage, and access their data securely and efficiently over a network.

New Techniques Exploiting Policy Engines and IaC Workflows

Recent research highlights the emergence of novel tactics, techniques, and procedures (TTPs) targeting Infrastructure-as-Code (IaC) and Policy-as-Code (PaC) tools, such as Terraform and Open Policy Agent (OPA).


Gain deeper Cyber Threat Intelligence (CTI) insights!

CyberProof’s CTI service offers comprehensive threat intelligence coverage, ensuring that your organization stays ahead of active threats that pose the greatest risk to your assets.

Our advanced CTI team investigates the threat landscape, providing you with detailed reports, related Indicators of Compromise (IOCs), technical recommendations, and MITRE ATT&CK mapping.
