Afternoon Dessert – 2023-01-19


Welcome to another Afternoon Dessert breakout:

New Research Delves into the World of Malicious LNK Files and Hackers Behind Them
Cybercriminals are increasingly leveraging malicious LNK files as an initial access method to download and execute payloads such as Bumblebee, IcedID, and Qakbot.
A recent study by cybersecurity experts has shown that it is possible to identify relationships between different threat actors by analyzing the metadata of malicious LNK files, uncovering information such as the specific tools and

Android Users Beware: New Hook Malware with RAT Capabilities Emerges
The threat actor behind the BlackRock and ERMAC Android banking trojans has unleashed yet another malware for rent called Hook that introduces new capabilities to access files stored in the devices and create a remote interactive session.
ThreatFabric, in a report shared with The Hacker News, characterized Hook as a novel ERMAC fork that’s advertised for sale for $7,000 per month while featuring

PayPal accounts breached in large-scale credential stuffing attack
PayPal is sending out notices of a data breach to thousands of users who had their accounts accessed by credential stuffing actors, resulting in the compromise of some personal data. […]

Ransomware profits drop 40% in 2022 as victims refuse to pay
Ransomware gangs extorted from victims about $456.8 million throughout 2022, a drop of roughly 40% from the record-breaking $765 million recorded in the previous two years. […]

New ‘Blank Image’ attack hides phishing scripts in SVG files
An unusual phishing technique has been observed in the wild, hiding empty SVG files inside HTML attachments pretending to be DocuSign documents. […]

New Microsoft Azure Vulnerability Uncovered — Experts Warn of RCE Attacks
A new critical remote code execution (RCE) flaw discovered impacting multiple services related to Microsoft Azure could be exploited by a malicious actor to completely take control of a targeted application.
“The vulnerability is achieved through CSRF (cross-site request forgery) on the ubiquitous SCM service Kudu,” Ermetic researcher Liv Matan said in a report shared with The Hacker News. “By

S3 Ep118: Guess your password? No need if it’s stolen already! [Audio + Text]
As always: entertaining, informative and educational… and not bogged down with jargon! Listen (or read) now…

Exploit released for critical ManageEngine RCE bug, patch now
Proof-of-concept exploit code is now available for a remote code execution (RCE) vulnerability in multiple Zoho ManageEngine products. […]

Roaming Mantis’ Android malware adds DNS changer to hack WiFi routers
Starting in September 2022, the ‘Roaming Mantis’ credential theft and malware distribution campaign was observed using a new version of the Wroba.o/XLoader Android malware that incorporates a function for detecting specific WiFi routers and changing their DNS. […]

Microsoft starts testing Notepad tabs in Windows 11
Microsoft released a new version of Notepad for Windows 11 on Thursday that will allow Windows Insiders in the Dev channel to use multiple tabs. […]

Follow for more…

