CyberSecurityBoard
Sponsor Register Login

Threat Actors Stealing Users Browser Fingerprints To Bypass Security Measures & Impersonate Users

A sophisticated cybercriminal campaign leveraging stolen browser fingerprints to bypass fraud detection systems and impersonate legitimate users has been uncovered by cybersecurity researchers. Browser fingerprinting—a technique that collects hundreds of browser and device characteristics like installed fonts, screen resolution, and graphics card details—has become a powerful tool for both legitimate security systems and cybercriminals. Cybersecurity analysts at Group-IB detected that by mimicking these fingerprints, attackers can disguise automated attacks as legitimate user activity, bypassing protections like multi-factor authentication (MFA) and device reputation checks. Dubbed ScreamedJungle, the threat actor has been exploiting vulnerabilities in outdated Magento e-commerce platforms since May 2024 to inject malicious scripts that harvest unique digital identifiers from unsuspecting visitors. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The attack begins with the exploitation of unpatched Magento stores, particularly those running end-of-life versions like Magento 2.3, which lacks security updates since September 2022. This method renders canvas elements on remote servers, ensuring pixel-perfect replication of legitimate user fingerprints. Tushar is a Cyber security content editor with a passion for creating captivating and informative content. ScreamedJungle leverages vulnerabilities such as CVE-2024-34102 (CosmicSting) and CVE-2024-20720 to inject a malicious JavaScript payload into compromised websites. Group-IB analysts estimate that ScreamedJungle’s global operations have harvested millions of fingerprints since May 2024. To counter such threats, businesses are urged to patch vulnerabilities promptly, monitor for unauthorized script injections, and implement device-binding protocols.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 24 Feb 2025 17:35:19 +0000


Cyber News related to Threat Actors Stealing Users Browser Fingerprints To Bypass Security Measures & Impersonate Users

Staying ahead of threat actors in the age of AI - At the same time, it is also important for us to understand how AI can be potentially misused in the hands of threat actors. In collaboration with OpenAI, today we are publishing research on emerging threats in the age of AI, focusing on identified ...
1 year ago Microsoft.com Kimsuky
CVE-2021-36845 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in YITH Maintenance Mode (WordPress plugin) versions < 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. ...
3 years ago
Threat Actors Stealing Users Browser Fingerprints To Bypass Security Measures & Impersonate Users - A sophisticated cybercriminal campaign leveraging stolen browser fingerprints to bypass fraud detection systems and impersonate legitimate users has been uncovered by cybersecurity researchers. Browser fingerprinting—a technique that collects ...
3 months ago Cybersecuritynews.com CVE-2024-34102 CVE-2024-20720
20 Best Endpoint Management Tools - 2025 - What is Good?What Could Be Better?Comprehensive endpoint security against many threats.The user interface may overwhelm some users.Machine learning for real-time threat detection.Integration with existing systems may be complex.A central management ...
2 months ago Cybersecuritynews.com
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793 - As part of this analysis, we look at threat actor TTPs employed throughout the intrusion and how they were identified and pieced together by the FortiGuard IR team. The following section of this report focuses on the activities of one of these threat ...
1 year ago Feeds.fortinet.com CVE-2023-42793 APT29
Operation Morpheus took down 593 Cobalt Strike servers used by threat actors - Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. Experts released PoC exploit code for a critical bug in Progress Telerik Report Servers. Threat actors may have exploited a zero-day in older iPhones, Apple warns. Nation-state ...
11 months ago Securityaffairs.com CVE-2024-0769 CVE-2022-38028 CVE-2023-49103 CVE-2023-46747 CVE-2023-46748 CVE-2023-4966 APT28
10 Best EDR Tools ( Endpoint Detection & Response) - 2025 - What is good?What Could Be Better ?Provides comprehensive endpoint monitoring.Some users might find the installation and configuration process of the solution tedious.Protect your entire security stack with in-depth threat intelligence.Some users ...
2 months ago Cybersecuritynews.com
The Browser Blind Spot: Why Your Browser is the Next Cybersecurity Battleground - Security teams must integrate browser detection & response capabilities into their enterprise security stack to gain real-time visibility, detect browser-native threats, and protect people where they work. Just as EDR transformed endpoint ...
3 months ago Bleepingcomputer.com
Automating Threat Intelligence Enrichment In Your SIEM With MISP - In conclusion, automating threat intelligence enrichment between MISP and your SIEM using Python is a transformative step for any security operations center. This article explores how to architect, implement, and operationalize automated threat ...
1 month ago Cybersecuritynews.com
Top 10 XDR (Extended Detection & Response) Solutions - 2025 - CrowdStrike Falcon XDR uses this data to extend EDR outcomes and advanced threat detection across the security stack, thereby stopping breaches more quickly. It does this by using CrowdStrike’s world-class machine learning, artificial ...
2 months ago Cybersecuritynews.com
Threat actors misuse OAuth applications to automate financially driven attacks - Threat actors are misusing OAuth applications as an automation tool in financially motivated attacks. Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious ...
1 year ago Microsoft.com
Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours - In late December 2022, we observed threat actors exploiting a publicly exposed Remote Desktop Protocol host, leading to data exfiltration and the deployment of Trigona ransomware. On Christmas Eve, within just three hours of gaining initial access, ...
1 year ago Thedfirreport.com Trigona
How To Implementing MITRE ATT&CK In SOC Workflows - A Step-by-Step Guide - By understanding the framework, mapping your current capabilities, developing targeted detection and response strategies, and integrating ATT&CK into your tools and processes, you can build a proactive, threat-informed defense that evolves ...
1 month ago Cybersecuritynews.com
Penetration Testing And Threat Hunting: Key Practices For Security Leaders - Security leaders should view penetration testing and threat hunting not as discrete activities but as essential components of a mature security program that evolves from passive defense to active threat detection and mitigation. Penetration testing ...
1 month ago Cybersecuritynews.com Hunters
What Is Cyber Threat Hunting? - Cyber threat hunting involves proactively searching for threats on an organization's network that are unknown to traditional cybersecurity solutions. A recent report from Armis found that cyber attack attempts increased by 104% in 2023, underscoring ...
1 year ago Techrepublic.com
361 million stolen accounts leaked on Telegram added to HIBP - A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check ...
11 months ago Bleepingcomputer.com
How to Overcome the Most Common Challenges with Threat Intelligence - Today's typical approach to threat intelligence isn't putting organizations in a place to do that. Instead, many threat intelligence tools are delivering too much uncurated and irrelevant information that arrives too late to act upon. Organizations ...
1 year ago Cyberdefensemagazine.com Hunters
What Is Threat Modeling? - Threat modeling emerges as a pivotal process in this landscape, offering a structured approach to identify, assess, and address potential security threats. Threat Modeling Adoption and Implementation The successful adoption of threat modeling within ...
1 year ago Feeds.dzone.com
Top 7 Cyber Threat Hunting Tools for 2024 - Cyber threat hunting is a proactive security measure taken to detect and neutralize potential threats on a network before they cause significant damage. To seek out this type of threat, security professionals use cyber threat-hunting tools. With ...
1 year ago Techrepublic.com
Key Breakthroughs from RSA Conference 2025 - Day 1 - Sumo Logic unveiled intelligent security operations with capabilities like detection-as-code (bringing DevSecOps to threat detection), UEBA historical baselining (improving accuracy by learning behavior over time), multiple threat intelligence feeds, ...
1 month ago Cybersecuritynews.com Inception
How to Use Threat Intelligence Feeds for SOC/DFIR Teams - Threat intelligence feeds provide real-time updates on indicators of compromise, such as malicious IPs and URLs. Security systems can then ingest these IOCs to identify and block potential threats, which essentially grants organizations immunity to ...
1 year ago Cybersecuritynews.com
Automating Threat Intelligence: Tools And Techniques For 2025 - Automated threat intelligence leverages artificial intelligence (AI), machine learning (ML), and orchestration platforms to collect, analyze, and act on vast amounts of threat data in real time. These platforms offer features like real-time threat ...
1 month ago Cybersecuritynews.com
Fake Browser Updates Targeting Mac Systems With Infostealer - A widely popular social engineering campaign previously only targeting Windows systems has expanded and is now using fake browser updates to distribute Atomic Stealer, a dangerous information stealer, to macOS systems. Experts say this could be the ...
1 year ago Darkreading.com
Best MDR (Managed Detection & Response) Solutions - 2025 - Cybereason Managed Detection and Response solutions provide 24/7 threat monitoring, advanced endpoint protection, and rapid incident response. Cynet MDR solutions provide automated threat detection and response, ensuring comprehensive security ...
2 months ago Cybersecuritynews.com
Online Learning Security Best Practices - The rapid increase in remote learning has raised security concerns surrounding online learning platforms. The security of online learning platforms involves implementing robust measures to protect against unauthorized access and data breaches. By ...
1 year ago Securityzap.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)