Hackers Constantly Developing New Evasion Mechanisms

The digital landscape, once a serene meadow, has morphed into a battleground where attackers and security vendors engage in a perpetual arms race.
As defenses become more sophisticated, attackers adapt, devising ingenious evasion techniques to bypass security products and inflict harm.
A technique recently uncovered by Trellix Email Security leverages the foundation of security - caching - to weave a web of deceit and compromise unsuspecting users.
Geofencing: Malicious content masquerades as benign in specific regions, evading detection elsewhere.
Captcha Bypass: Automated mechanisms circumvent captchas, hindering URL payload analysis.
IP Evasion: Blacklisted IPs shield attackers from scrutiny, ensuring their payloads remain hidden.
QR Code Phishing: QR code obscurity bypasses traditional email security filters, paving the way for phishing attacks.
Trellix Email Security has unraveled a novel evasion tactic that exploits caching, a mechanism employed by security products to optimize performance.
Caching involves temporarily storing the analysis results of URLs.
Upon encountering the same URL again, the cached verdict is retrieved instead of re-performing the analysis, saving valuable resources.
The attack begins with an email containing a seemingly innocuous Call to Action (CTA) URL, often disguised as a OneDrive document link.
This tactic capitalizes on the inherent trust associated with Microsoft's domain.
Phase 2: The Cloaked Payload. Upon encountering the CTA URL, the security engine analyzes it and discovers a link leading to a well-established website like Google or Microsoft.
Once the URL is cached as safe, the attackers strike.
Understanding this intricate manipulation of caching mechanisms is crucial for effective mitigation.
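As an added illustration (not code from Trellix or from the original article), the sketch below contrasts a verdict cache keyed on the URL alone with one that binds the verdict to the destination observed at scan time and re-analyzes when that destination changes. It assumes the CTA link's destination changes after the verdict is cached; the hostnames under `.example`, the `WEB` table and all function and class names are constructed for the example.

```python
import hashlib

GOOD = "https://www.microsoft.com/"
BAD = "https://login.phish.example/"       # constructed placeholder host
URL = "https://cta.example/doc"            # constructed CTA URL
WEB = {URL: GOOD}                          # constructed stand-in for the live web

def resolve(url):
    """Cheap step: report where the link leads right now."""
    return WEB[url]

def analyze(destination):
    """Expensive step (full content analysis), modelled here as a lookup."""
    return "malicious" if destination == BAD else "clean"

class NaiveVerdictCache:
    """Keys the verdict on the URL alone, so a hit never looks at the link again."""
    def __init__(self):
        self.store = {}
    def verdict(self, url):
        if url not in self.store:
            self.store[url] = analyze(resolve(url))
        return self.store[url]

class BoundVerdictCache:
    """Binds the verdict to a fingerprint of the destination seen at scan time."""
    def __init__(self):
        self.store = {}
    def verdict(self, url):
        dest = resolve(url)                # cheap re-resolve on every lookup
        fp = hashlib.sha256(dest.encode()).hexdigest()
        cached = self.store.get(url)
        if cached and cached[0] == fp:
            return cached[1]               # same destination: reuse the verdict
        result = analyze(dest)             # destination changed: re-analyze
        self.store[url] = (fp, result)
        return result

def demo():
    WEB[URL] = GOOD                        # state at first scan
    naive, bound = NaiveVerdictCache(), BoundVerdictCache()
    before = (naive.verdict(URL), bound.verdict(URL))
    WEB[URL] = BAD                         # assumption: destination swapped after caching
    after = (naive.verdict(URL), bound.verdict(URL))
    return before, after

if __name__ == "__main__":
    print(demo())
```

The bound cache still saves the expensive analysis on unchanged links, and a change of destination is itself a signal worth logging for detection.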
Trellix telemetry reveals that these cache poisoning attacks are not isolated incidents.
They have targeted users across diverse industries and regions, highlighting the universality of this technique.


This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 05 Jan 2024 11:15:22 +0000

