CyberSecurityBoard
Sponsor Register Login

Hackers Constantly Developing New Evasion Mechanisms

The digital landscape, once a serene meadow, has morphed into a battleground where attackers and security vendors engage in a perpetual arms race.
As defenses become more sophisticated, attackers adapt, devising ingenious evasion techniques to bypass security products and inflict harm.
Recently uncovered by Trellix Email Security, leverages the foundation of security - caching - to weave a web of deceit and compromise unsuspecting users.
Geofencing: Malicious content masquerades as benign in specific regions, evading detection elsewhere.
Captcha Bypass: Automated mechanisms circumvent captchas, hindering URL payload analysis.
IP Evasion: Blacklisted IPs shield attackers from scrutiny, ensuring their payloads remain hidden.
QR Code Phishing: QR code obscurity bypasses traditional email security filters, paving the way for phishing attacks.
Trellix Email Security has unraveled a novel evasion tactic that exploits caching, a mechanism employed by security products to optimize performance.
Caching involves temporarily storing the analysis results of URLs.
Upon encountering the same URL again, the cached verdict is retrieved instead of re-performing the analysis, saving valuable resources.
The attack begins with an email containing a seemingly innocuous Call to Action URL, often disguised as a OneDrive document link.
This tactic capitalizes on the inherent trust associated with Microsoft's domain.
Phase 2: The Cloaked Payload. Upon encountering the CTA URL, the security engine analyzes it and discovers a link leading to a well-established website like Google or Microsoft.
Once the URL is cached as safe, the attackers strike.
Understanding this intricate manipulation of caching mechanisms is crucial for effective mitigation.
Trellix telemetry reveals that these cache poisoning attacks are not isolated incidents.
They have targeted users across diverse industries and regions, highlighting the universality of this technique.


This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 05 Jan 2024 11:15:22 +0000


Cyber News related to Hackers Constantly Developing New Evasion Mechanisms

Hackers Constantly Developing New Evasion Mechanisms - The digital landscape, once a serene meadow, has morphed into a battleground where attackers and security vendors engage in a perpetual arms race. As defenses become more sophisticated, attackers adapt, devising ingenious evasion techniques to bypass ...
6 months ago Cybersecuritynews.com
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
1 year ago Hackread.com
OpenAI blocks state-sponsored hackers from using ChatGPT - OpenAI has removed accounts used by state-sponsored threat groups from Iran, North Korea, China, and Russia, that were abusing its artificial intelligence chatbot, ChatGPT. The AI research organization took action against specific accounts associated ...
4 months ago Bleepingcomputer.com
New Rhadamanthys stealer version enhances features, evasion - The developers of the Rhadamanthys information-stealing malware have recently released two major versions to add improvements and enhancements across the board, including new stealing capabilities and enhanced evasion. Rhadamanthys is a C++ ...
6 months ago Bleepingcomputer.com
Microsoft: BlueNoroff hackers plan new crypto-theft attacks - Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. This financially motivated threat group also has a documented history of cryptocurrency ...
7 months ago Bleepingcomputer.com
Microsoft: Iranian hackers target researchers with new MediaPl malware - Microsoft says that a group of Iranian-backed state hackers are targeting high-profile employees of research organizations and universities across Europe and the United States in spearphishing attacks pushing new backdoor malware. The attackers, a ...
5 months ago Bleepingcomputer.com
Microsoft: Hackers target defense firms with new FalseFont malware - Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide. The DIB sector targeted in these attacks comprises over 100,000 defense companies and ...
6 months ago Bleepingcomputer.com
Staying Ahead of Adversarial AI with Incident Response Automation - The security operations community constantly seeks advancements in incident response. Consolidating security telemetry data, upgrading your organization's cybersecurity posture, and integrating with various artificial intelligence and machine ...
1 week ago Securityboulevard.com
Booking.com hackers increase attacks on customers - Hackers are increasing their attacks on Booking.com customers by posting adverts on dark web forums asking for help finding victims. Cyber-criminals are offering up to $2,000 for login details of hotels as they continue to target the people who are ...
7 months ago Bbc.com
Holiday Hackers: How to Safeguard Your Service Desk - Hackers really don't take holidays, but they will take advantage of them. Many of these cyberattacks will zero in on the service or help desk to gain entry into network systems. Recovering accounts because of forgotten passwords is one of the ...
7 months ago Bleepingcomputer.com
Hackers Exploiting Microsoft Templates to Execute Malicious Code - This campaign represents a significant evolution in the tactics, techniques, and procedures employed by cybercriminals. They are leveraging social engineering and advanced evasion techniques to deploy malicious code. The attackers meticulously ...
3 months ago Gbhackers.com
Why Have Big Cybersecurity Hacks Surged in 2023? - Payments made to hackers who hold systems hostage for ransom increased by almost half through September, according to blockchain analytics firm Chainalysis Inc., totaling almost $500 million in payouts. In just the past few months, hackers have ...
6 months ago Bloomberg.com
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
6 days ago Securityweek.com
The Unlikely Romance of Hackers and Government Suitors - The annual Hack the Capitol event brings together a diverse group of scientists, hackers, and policymakers to educate congressional staffers, scholars, and the press about the most critical cybersecurity challenges facing our nation. Hack the Capitol ...
6 months ago Darkreading.com
New AeroBlade hackers target aerospace sector in the U.S. - A previously unknown cyber espionage hacking group named 'AeroBlade' was discovered targeting organizations in the United States aerospace sector. The campaign, discovered by BlackBerry, unfolded in two phases: a testing wave in September 2022 and a ...
7 months ago Bleepingcomputer.com
North Korean Hackers Use Fake Job Offers & Salary Bumps as Lure for Crypto Theft - Recent investigations have uncovered a massive operation carried out by North Korean hackers looking to steal cryptocurrency through fake job offers and salary bumps. According to recent reports, hackers have been able to trace the malicious ...
1 year ago Therecord.media
East Texas hospital network can't receive ambulances because of potential cybersecurity incident - GetTime();if(!(u<=a&&d<=l throw new RangeError("Invalid interval");return r.inclusive?u<=l&&d<=a:ut||isNaN(t. Step):1;if(s<1||isNaN(s throw new RangeError("`options. Step):1;if(l<1||isNaN(l throw new RangeError("`options. GetTime()<=n throw new ...
7 months ago Cnn.com
Star Blizzard New Evasion Techniques to Hijack Email Accounts - Hackers target email accounts because they contain valuable personal and financial information. Successful email breaches enable threat actors to:-. Cybersecurity researchers at Microsoft Threat Intelligence team recently unveiled that the Russian ...
6 months ago Gbhackers.com
Hackers Fix Polish Train Glitch, Face Legal Pushback by the Manufacturer - In a recent cybersecurity incident, three Polish hackers achieved success in repairing the malfunctioning software of a train, initially serviced by independent repair shops for a regional rail operator. The narrative took a twist when accusations ...
6 months ago Hackread.com
Hackers breach Australian court hearing database - The court system for Australia's second-most-populated state was hit by a ransomware attack that potentially exposed sensitive recordings of some court hearings. Court Services Victoria, an administrative body that supports the operations of the ...
6 months ago Therecord.media
FBI disrupts Moobot botnet used by Russian military hackers - The FBI took down a botnet of small office/home office routers used by Russia's Main Intelligence Directorate of the General Staff in spearphishing and credential theft attacks targeting the United States and its allies. This network of hundreds of ...
4 months ago Bleepingcomputer.com
Optimizing Cybersecurity: How Hackers Use Golang Source Code Interpreter to Evade Detection - Hackers have been upping the stakes when it comes to executing cyberattacks, and an increasingly popular tool in their arsenal is the Golang source code interpreter. Reportedly, the interpreter is used to obfuscate code, thus making it harder for ...
1 year ago Bleepingcomputer.com
Turkish hackers Sea Turtle expand attacks to Dutch ISPs, telcos - The Turkish state-backed cyber espionage group tracked as Sea Turtle has been carrying out multiple spying campaigns in the Netherlands, focusing on telcos, media, internet service providers, and Kurdish websites. Previously, Sea Turtle, also known ...
5 months ago Bleepingcomputer.com
North Korean Hackers Utilizing Credential Stuffing to Launch Cyberattacks - In an alarming new report, researchers found that North Korean-linked hackers have been using stolen passwords during cyberattacks to gain access to various government, military and financial networks. According to security experts, the creative ...
1 year ago Thehackernews.com
HackerOne paid ethical hackers over $300 million in bug bounties - HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform's inception. Thirty hackers have earned over a million USD for their submissions, and ...
7 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)