CyberSecurityBoard
Sponsor Register Login

Hackers Using Malicious JavaScript Samples to Steal Sensitive Data

Unit 42 researchers are the elite cyber sleuths of Palo Alto Networks, a leading cybersecurity company.
Traditional static and dynamic analysis methods used by security tools often struggle against these new threats.
Obfuscation, unusual DOM interactions, and selective payload detonation are just a few tricks these malicious scripts employ to fly under the radar.
Dynamic HTML Generation: The code that steals data is created on the fly, making it difficult to detect statically.
Image-based Exfiltration: Hidden images with encoded data are loaded, sending the stolen information to the attacker without raising suspicion.
Keyword Triggers: The malware only activates when specific keywords are present, suggesting it targets specific user actions.
Unit 42 researchers developed advanced analysis techniques to track information flows within JavaScript code, exposing these stealthy exfiltration attempts.


This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 22 Dec 2023 08:45:03 +0000


Cyber News related to Hackers Using Malicious JavaScript Samples to Steal Sensitive Data

Parrot TDS: A Persistent and Evolving Malware Campaign - Websites with Parrot TDS have malicious scripts injected into existing JavaScript code hosted on the server. To help the reader better understand Parrot TDS, this article provides in-depth analysis of the landing scripts and payload scripts we have ...
5 months ago Unit42.paloaltonetworks.com
Why Is an Australian Footballer Collecting My Passwords? The Various Ways Malicious JavaScript Can Steal Your Secrets - Unit 42 researchers have observed threat actors using malicious JavaScript samples to steal sensitive information by abusing popular survey sites, low-quality hosting and web chat APIs. In this article, we'll describe some of the tactics used by ...
6 months ago Unit42.paloaltonetworks.com
AsyncRAT Loader Delivers Malware via JavaScript - For at least 11 months, this threat actor has been working on delivering the Remote Access Trojan through an initial JavaScript file, embedded in a phishing page. After more than 300 samples and over 100 domains later, the threat actor is persistent ...
5 months ago Cybersecurity-insiders.com
Penetration Testing for Sensitive Data Exposure in Enterprise Networks: Everything You Need to Know! - The amount of data enterprises store is much bigger than SMBs. A lot of this data includes sensitive information of customers and clients such as bank details, social security numbers, emails, contact numbers, etc. For those new to data security, ...
6 months ago Securityboulevard.com
North Korean Hackers Use Fake Job Offers & Salary Bumps as Lure for Crypto Theft - Recent investigations have uncovered a massive operation carried out by North Korean hackers looking to steal cryptocurrency through fake job offers and salary bumps. According to recent reports, hackers have been able to trace the malicious ...
1 year ago Therecord.media
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
1 year ago Hackread.com
Cooler Master confirms customer info stolen in data breach - Computer hardware manufacturer Cooler Master has confirmed that it suffered a data breach on May 19, allowing a threat actor to steal customer data. Cooler Master is a popular computer hardware manufacturer known for their cooling devices, computer ...
1 month ago Bleepingcomputer.com
How Russian Hackers Attack Samsung Devices – A Comprehensive Guide - Samsung devices have become all the rage around the globe. Unfortunately, their popularity also attracts the attention of hackers and other cybercriminals who take advantage of them to spread their malicious codes and conduct their illegal ...
1 year ago Heimdalsecurity.com
Hive Ransomware Infrastructure Seized by Police - Breaking News - Police have recently seized the entire infrastructure of the Hive ransomware by arresting a group of criminals in Europe. This ransomware is believed to be the root cause of many cyber-attacks taking place across the globe. This significant seizure ...
1 year ago Thehackernews.com
Holiday Hackers: How to Safeguard Your Service Desk - Hackers really don't take holidays, but they will take advantage of them. Many of these cyberattacks will zero in on the service or help desk to gain entry into network systems. Recovering accounts because of forgotten passwords is one of the ...
7 months ago Bleepingcomputer.com
Booking.com hackers increase attacks on customers - Hackers are increasing their attacks on Booking.com customers by posting adverts on dark web forums asking for help finding victims. Cyber-criminals are offering up to $2,000 for login details of hotels as they continue to target the people who are ...
7 months ago Bbc.com
4500+ WordPress Sites Hacked with a Monero Cryptojacking Campaign - Security researchers recently reported the discovery of a massive Monero hacking campaign targeted at WordPress sites. According to reports, more than 4500 WordPress sites were compromised with a malicious cryptocurrency-mining campaign. The hackers ...
1 year ago Thehackernews.com
Chinese Hackers Turn To Golang For Malware - Chinese hackers are increasingly turning to the open-source programming language Golang to maliciously code and launch new cyberattacks. According to the latest analysis by The Hacker News, this has resulted in an increase in the number of cyber ...
1 year ago Thehackernews.com
Building a Sustainable Data Ecosystem - Finally, I outline future research and policy refinement directions, advocating for a collaborative and responsible approach to building a sustainable data ecosystem in generative AI. In recent years, generative AI has emerged as a transformative ...
3 months ago Feeds.dzone.com
Russian hackers use Ngrok feature and WinRAR exploit to attack embassies - After Sandworm and APT28, another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. APT29 is tracked under different names and has been targeting embassy entities with a BMW car ...
7 months ago Bleepingcomputer.com
Data De-Identification: Balancing Privacy, Efficacy & Cybersecurity - COMMENTARY. Global data privacy laws were created to address growing consumer concerns about individual privacy. These laws include several best practices for businesses about storing and using consumers' personal data so that the exposure of ...
7 months ago Darkreading.com
Microsoft: BlueNoroff hackers plan new crypto-theft attacks - Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. This financially motivated threat group also has a documented history of cryptocurrency ...
7 months ago Bleepingcomputer.com
Data Classification: Your 5 Minute Guide - Data classification has become a vital component of data security governance. With the rise of virtual data networks, organizations must take necessary measures to protect and secure confidential information. Data classification is the process of ...
1 year ago Tripwire.com
Cybersecurity Crisis Looms: FBI Chief Unveils Chinese Hackers' Plan to Target US Infrastructure - As the head of the FBI pointed out Wednesday, Beijing was positioning itself to disrupt the daily lives of Americans if there was ever a war between the United States and China if it were to plant malware to damage civilian infrastructure. U.S. ...
5 months ago Cysecurity.news
New AeroBlade hackers target aerospace sector in the U.S. - A previously unknown cyber espionage hacking group named 'AeroBlade' was discovered targeting organizations in the United States aerospace sector. The campaign, discovered by BlackBerry, unfolded in two phases: a testing wave in September 2022 and a ...
7 months ago Bleepingcomputer.com
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
6 days ago Securityweek.com
Timeline of the Latest LastPass Data Breaches - A Complete Overview - LastPass, a popular password management system, has been the target of malicious hackers several times in the last few years. In this article, we’ll take a look at the latest LastPass data breaches and what happened in each incident. ...
1 year ago Csoonline.com
Web Injection Campaign Targets 40 Banks, 50,000 Users - Dozens of banks around the word are in the crosshairs of a threat group using JavaScript web injections to steal users' bank account credentials. The campaign, which the hackers have been preparing for since December 2022 and which emerged in March, ...
6 months ago Securityboulevard.com
Hackers breach Australian court hearing database - The court system for Australia's second-most-populated state was hit by a ransomware attack that potentially exposed sensitive recordings of some court hearings. Court Services Victoria, an administrative body that supports the operations of the ...
6 months ago Therecord.media
Sigma rules for Linux and MacOS ~ VirusTotal Blog - TLDR: VT Crowdsourced Sigma rules will now also match suspicious activity for macOS and Linux binaries, in addition to Windows. We recently discussed how to maximize the value of Sigma rules by easily converting them to YARA Livehunts. At that time ...
6 months ago Blog.virustotal.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)