malware analysis | Breaking Cybersecurity News | The Hacker News

WikiLeaks published hundreds of more files from the Vault 7 series today which, it claims, show how CIA can mask its hacking attacks to make it look like it came from other countries, including Russia, China, North Korea and Iran. Dubbed " Marble ," the part 3 of CIA files contains 676 source code files of a secret anti-forensic Marble Framework, which is basically an obfuscator or a packer used to hide the true source of CIA malware. The CIA's Marble Framework tool includes a variety of different algorithm with foreign language text intentionally inserted into the malware source code to fool security analysts and falsely attribute attacks to the wrong nation. The leaked files indicate that the Marble's source code includes Chinese, Russian, Korean, Arabic and Farsi languages, as well as English, which shows that the CIA has engaged in clever hacking games. "Marble is used to hamper[ing] forensic investigators and anti-virus companies from attributin

Do Mac Computers Get Viruses? Yes, Of Course, they do!  According to stats, malware for MAC OS X has appeared five times more in 2015 alone than the previous five years combined. As malware for Macs is becoming more common, Google has decided to add support for Mac  OS X malware detection to its VirusTotal web-based service. VirusTotal — launched in 2004 and acquired by Google in 2012 — is a free and popular online service for security researchers and Hackers that lets you upload files to check them for viruses. VirusTotal scans uploaded files with more than 55 different Antivirus products and Online scan engines to provide a combined report on the results. VirusTotal also runs certain ' Windows PE files and Android apps ' files in the Sandbox , a controlled research environment used for malware analysis. According to the recent announcement, VirusTotal will also be able to execute suspicious Mac executable files inside its Sandbox environment

Compromising the browser is a high-return target for adversaries. Browser extensions, which are small software modules that are added to the browser and can enhance browsing experiences, have become a popular browser attack vector. This is because they are widely adopted among users and can easily turn malicious through developer actions or attacks on legitimate extensions. Recent incidents like  DataSpii  and the  Nigelthorn  malware attack have exposed the extent of damage that malicious extensions can inflict. In both cases, users innocently installed extensions that compromised their privacy and security. The underlying issue lies in the permissions granted to extensions. These permissions, often excessive and lacking granularity, allow attackers to exploit them. What can organizations do to protect themselves from the risks of browser extensions without barring them from use altogether (an act that would be nearly impossible to enforce)?  A new report by LayerX, "Unveiling the