Campaign – OWASP Jakarta

When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions

When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions News has been making headlines over the weekend of the extensive attack campaign targeting browser extensions and injecting them with malicious code to steal user credentials. Currently, over 25 extensions, with an install base of over two million Read more…

By adminowasp, 6 months ago

News

North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign

North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie. Contagious Interview (aka DeceptiveDevelopment) refers to a persistent attack campaign that employs social engineering lures, with the hacking crew often Read more…

By adminowasp, 6 months ago

News

CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign

CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of flaws is below – CVE-2024-20767 (CVSS Read more…

By adminowasp, 7 months ago

News

Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques

Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques Thai government officials have emerged as the target of a new campaign that leverages a technique called DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai. “The target of the threat actors were Thailand officials based on the Read more…

By adminowasp, 7 months ago

News

ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan

ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan The China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations in Japan since June 2024. The aim of the campaign is to deliver backdoors known as NOOPDOOR (aka HiddenFace) Read more…

By adminowasp, 7 months ago

News

Corrupted Microsoft Office documents used in phishing campaign

Corrupted Microsoft Office documents used in phishing campaign Corrupted Microsoft Office documents and archive files have been used to evade detection in a recent phishing campaign, according to ANY.RUN. The files are intentionally corrupted to prevent scanning by email filters and antivirus software, and to prevent them from launching properly Read more…

By adminowasp, 7 monthsDecember 3, 2024 ago

News

Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads

Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetSupport RAT and BurnsRAT. The campaign, dubbed Horns&Hooves by Kaspersky, has hit more than 1,000 victims since it Read more…

By adminowasp, 7 months ago

News

AI-Powered Fake News Campaign Targets Western Support for Ukraine and U.S. Elections

AI-Powered Fake News Campaign Targets Western Support for Ukraine and U.S. Elections A Moscow-based company sanctioned by the U.S. earlier this year has been linked to yet another influence operation designed to turn public opinion against Ukraine and erode Western support since at least December 2023. The covert campaign undertaken Read more…

By adminowasp, 7 months ago

News

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign As many as 2,000 Palo Alto Networks devices are estimated to have been compromised as part of a campaign abusing the newly disclosed security flaws that have come under active exploitation in the wild. According to statistics shared Read more…

By adminowasp, 7 months ago

News

China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign

China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facilitate the delivery of the Cobalt Strike post-exploitation toolkit for follow-on information collection. “The attackers embedded malicious JavaScript in these Read more…

By adminowasp, 7 months ago