Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version

Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version

Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version A newer version of a malware loader called Hijack Loader has been observed incorporating an updated set of anti-analysis techniques to fly under the radar. “These enhancements aim to increase the malware’s stealthiness, thereby remaining undetected for longer periods of time,” Zscaler ThreatLabz Read more…

Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others

Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others

Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. “The threat actors used multiple TTPs in this attack, including Read more…

Hackers Hijack Software Updates

China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware

China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to deliver a sophisticated implant named NSPX30. Slovak cybersecurity firm ESET is tracking the advanced persistent threat (APT) Read more…

OracleIV DDoS Botnet

OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers

OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers Nov 14, 2023NewsroomCloud Security / Malware Publicly-accessible Docker Engine API instances are being targeted by threat actors as part of a campaign designed to co-opt the machines into a distributed denial-of-service (DDoS) botnet dubbed OracleIV. “Attackers are exploiting this Read more…