#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

malicious program | Breaking Cybersecurity News | The Hacker News

Malware Can Bypass Chrome Extension Security Feature Easily

Malware Can Bypass Chrome Extension Security Feature Easily

Sep 06, 2014
Researchers have uncovered a new social engineering trick that leads users to a malicious extension from Google Chrome impersonating to deliver Adobe's Flash Player in order to lure victims in a click fraud campaign. Security experts at TrendMicro believe that the malware is triggered by opening Facebook or Twitter via shortened links provided in any social networking websites. Once clicked, the links may lead victims to a site that automatically downloads the malicious browser extension . MALWARE INVOLVES DOWNLOADING MULTIPLE MALICIOUS FILES The process is quite complicated as the malware drops a downloader file which downloads multiple malicious files on the victim's computer. Moreover, the malicious program also has ability to bypass Google's recent security protection added to Chrome against installation of browser extensions that are not in Chrome Web Store. Researchers came across a baiting tweet that advertises " Facebook Secrets ", claiming to show videos
Don't Install Crap ! Bitcoin Mining malware bundled with Potentially Unwanted Programs

Don't Install Crap ! Bitcoin Mining malware bundled with Potentially Unwanted Programs

Nov 30, 2013
The increasing public attention of Bitcoin did not go unnoticed by Cyber Criminals who have begun unleashing Bitcoin Mining malware. Security researchers at Malwarebytes warned about a new malware threat, in which Bitcoin Miners are bundled with third party potentially unwanted programs (PUPs) that come bundled with legitimate applications. Malware allow cybercriminals to utilize systems' computing resources for their own gain. " This type of system hijacking is just another way for advertising based software to exploit a user into getting even more cash. " The malware is found to be using ' jhProtominer ' a popular mining software that runs via the command line, to abuse the CPUs and GPUs of infected computers to generate Bitcoins. Upon further investigation Malwarebytes found that the parent of the Bitcoin miner was " monitor.exe ", a part of YourFreeProxy application, which " beacons out constantly, waiting for commands from a remote server, eventually downlo
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Several Malicious Android apps found on Google Play affects 25,000 devices

Several Malicious Android apps found on Google Play affects 25,000 devices

Aug 10, 2013
As time goes on, though, the Malware Risk on Mobile Platforms appears to be increasing. A flood of scammy apps that are difficult for Google to detect, and therefore stays available for download for several days before being removed. The Russia-based firm Dr Web today said it has discovered several malicious  Android apps found on Google Play  which send SMS to premium numbers and  about 25,000 devices are infected by these malwares . A number of malicious programs have been discovered by Dr Web's analysts belong to the Vietnamese developer AppStoreJsc . These programs are published in the form of audio players and a video player that generally display adult content. Dr Web explains, " While running these carrier applications, dubbed Android . MulDrop, Android.MulDrop.1, and Android.MulDrop.2 by Dr . Web, can prompt the user to download the content they need, but their consent initiates the installation of another application rather than the downloadin
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Cybersecurity Resources