Guardio Labs | Breaking Cybersecurity News | The Hacker News

A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users' systems and carry out malicious actions.  "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user's knowledge," Guardio Labs security researcher Oleg Zaytsev  said  in a new report shared with The Hacker News. Tracked as  CVE-2024-21388  (CVSS score: 6.5), it was addressed by Microsoft in Edge stable version 121.0.2277.83 released on January 25, 2024, following responsible disclosure in November 2023. The Windows maker credited both Zaytsev and Jun Kokatsu for reporting the issue. "An attacker who successfully exploited this vulnerability could gain the privileges needed to install an extension," Microsoft said in an advisory for the flaw, adding it "could lead to a browser sandbo

A new DNS threat actor dubbed  Savvy Seahorse  is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds. "Savvy Seahorse is a DNS threat actor who convinces victims to create accounts on fake investment platforms, make deposits to a personal account, and then transfers those deposits to a bank in Russia," Infoblox  said  in a report published last week. Targets of the campaigns include Russian, Polish, Italian, German, Czech, Turkish, French, Spanish, and English speakers, indicating that the threat actors are casting a wide net in their attacks. Users are lured via ads on social media platforms like Facebook, while also tricking them into parting with their personal information in return for alleged high-return investment opportunities through fake ChatGPT and WhatsApp bots. The financial scam campaigns are notable for using DNS canonical name (CNAME) records to create a traffic distribution system ( TDS ), thereby allowing threat a

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.

Threat actors have been observed serving malicious code by utilizing Binance's Smart Chain (BSC) contracts in what has been described as the "next level of bulletproof hosting." The campaign, detected two months ago, has been codenamed  EtherHiding  by Guardio Labs. The novel twist marks the latest iteration in an ongoing malware campaign that leverages compromised WordPress sites to serve unsuspecting visitors a fake warning to update their browsers before the sites can be accessed, ultimately leading to the deployment of information stealer malware such as Amadey, Lumma, or RedLine. "While their initial method of hosting code on abused Cloudflare Worker hosts was taken down, they've quickly pivoted to take advantage of the decentralized, anonymous, and public nature of blockchain," security researchers Nati Tal and Oleg Zaytsev  said . "This campaign is up and harder than ever to detect and take down." It's no surprise that threat act