Hijack – OWASP Jakarta

Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates

Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates Oct 15, 2024Ravie LakshmananThreat Detection / Malware Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate code-signing certificates. French cybersecurity company HarfangLab, which detected the activity at the start of the month, Read more

By adminowasp, 9 months ago

News

Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version

Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version A newer version of a malware loader called Hijack Loader has been observed incorporating an updated set of anti-analysis techniques to fly under the radar. “These enhancements aim to increase the malware’s stealthiness, thereby remaining undetected for longer periods of time,” Zscaler ThreatLabz Read more

By adminowasp, 1 year ago

News

Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others

Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. “The threat actors used multiple TTPs in this attack, including Read more

By adminowasp, 1 year ago

News

Mastodon Vulnerability Allows Hackers to Hijack Any Decentralized Account

Mastodon Vulnerability Allows Hackers to Hijack Any Decentralized Account Feb 03, 2024NewsroomVulnerability / Social Media The decentralized social network Mastodon has disclosed a critical security flaw that enables malicious actors to impersonate and take over any account. “Due to insufficient origin validation in all Mastodon, attackers can impersonate and take Read more

By adminowasp, 1 year ago

News

China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware

China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to deliver a sophisticated implant named NSPX30. Slovak cybersecurity firm ESET is tracking the advanced persistent threat (APT) Read more

By adminowasp, 2 years ago

News

MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries

MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software supply chain attack method called MavenGate. “Access to projects can be hijacked through domain name purchases Read more

By adminowasp, 2 years ago

News

Orange Spain Faces BGP Traffic Hijack After RIPE Account Hacked by Malware

Orange Spain Faces BGP Traffic Hijack After RIPE Account Hacked by Malware Jan 05, 2024NewsroomNetwork Security / Malware Mobile network operator Orange Spain suffered an internet outage for several hours on January 3 after a threat actor used administrator credentials captured by means of stealer malware to hijack the border Read more

By adminowasp, 2 years ago

News

OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers

OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers Nov 14, 2023NewsroomCloud Security / Malware Publicly-accessible Docker Engine API instances are being targeted by threat actors as part of a campaign designed to co-opt the machines into a distributed denial-of-service (DDoS) botnet dubbed OracleIV. “Attackers are exploiting this Read more

By adminowasp, 2 years ago