Security researchers have found that social engineering campaigns that drop the Emotet botnet are using "unconventional" IP address formats for the first time to bypass security solutions. Emotet spam campaigns aim to trick users into enabling macros in a document that uses Excel 4.0 Macros, a feature that has been repeatedly abused by hackers, to automate malware execution. Once the victim enables the macros, the document invokes an embedded URL that is obfuscated with carets and whose host is an IP address in hexadecimal representation: "h^tt^p^[:]/^/0xc12a24f5/cc[.]html". Other campaigns used the same modus operandi, except that the IP address was coded in octal format: "h^tt^p^[:]/^/0056.0151.0121.0114/c[.]html". According to analysts, the use of hexadecimal and octal IP addresses in these campaigns indicates that attackers are continuing to innovate to avoid pattern-based detection techniques.