A large-scale QakNote campaign is ongoing that drops QBot banking trojan on systems via malicious Microsoft OneNote attachments. The phishing emails contain OneNote files that have an embedded HTML application (HTA file) that retrieves the QBot malware payload. The adoption signals “a much more automated, streamlined fashion” as opposed to previous small-scale malware attacks.
Of the externally reported bugs, three are rated ‘high severity’. These include a type confusion flaw in the V8 engine, an inappropriate implementation issue in full screen mode, and an out-of-bounds read vulnerability in WebRTC.
While the threat actor made it very easy to detect the bundled backdoor in the first game mode published on the Steam Store, the twenty lines of code malicious code included with the three newer game mods were much harder to spot.
The Graphiron malware allows operators to harvest a wide range of information from the infected systems, including system info, credentials, screenshots, and files. The malicious code is written in the Go programming language.
It’s not unheard of for criminals to use multinational banks to launder money. But if you invest in crypto and your platform gets sanctioned overnight, you might not be able to recover your coins the next day.
The Tor network and I2P peer-to-peer network has been dealing with massive DDoS attack. Tor’s team said it will keep tweaking the network’s defenses to address this ongoing issue. The goal of these ongoing attacks is unknown.
The victim has worked with Parliament’s security team and the National Cyber Security Centre (NCSC) to ensure that all his inboxes are secure. In addition, he confirmed he is no longer actively using the compromised private account.
Money Lover allows users to create “shared wallets” with specific users to collaborate in expense logging and monitoring. Transaction data and email addresses associated with shared wallets were found exposed to any authenticated users of the app.
An inconsistency was identified in Capture Client Windows 3.7.6 and older clients on endpoints running Windows 11 version 22H2. This results in Web Content Filtering policies that enforce blocked categories to be no longer effective on endpoints.
The Munster Technological University (MTU) in Ireland announced on Monday that its campuses in Cork would be closed following a “significant IT breach and telephone outage.” A number of learning tools, including Canvas, are reportedly affected.