A proof-of-concept (PoC) has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim’s master password in cleartext under specific circumstances.
The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x for Windows, Linux, and macOS, and is expected to be patched in version 2.54, which is likely to be released early Read More
Related Posts
White Snake Updated New Features to Steal Credit Cards CVC Codes from Chrome
White Snake Updated New Features to Steal Credit Cards CVC Codes from Chrome
The notorious White Snake malware has been updated to exploit a new feature in the latest version of Google Chrome.
This update allows the malware to steal CVC codes from credit cards stored in the browser, posing a significant threat to online security reports by a Who Said What in Social Media Platform, X.
Google Chrome browser v129 was released at September 17th, 2024, and one of the “new” features that took infostealers devs attention is the storage of CVC codes from credit cards#WhiteSnake updated recently featuring the grab of this information from browser victims. pic.twitter.com/CoCpjCRfk3
— Who said what (@g0njxa) September 23, 2024
Chrome’s New Feature Draws Attention
Google Chrome version 129, released on September 17th, 2024, introduced several new features to enhance user experience.
One such feature is the ability to store CVC codes from credit cards directly within the browser for easier online transactions.
Download Free Incident Response Plan Template for Your Security Team – Free Download
While this feature was designed to streamline the payment process, it has inadvertently attracted the attention of cybercriminals and infostealer developers.
White Snake Malware Update
White Snake, a well-known malware in the cybersecurity community, has swiftly adapted to this new opportunity.
The malware’s developers have updated their capabilities to target and extract these stored CVC codes from victims’ browsers.
This enhancement allows White Snake to capture complete credit card information, making it easier for cybercriminals to commit fraud and theft.
White Snake’s ability to exploit this new Chrome feature underscores the ongoing game of cat-and-mouse between software developers and cybercriminals.
Users are advised to exercise caution when storing sensitive information in their browsers and consider alternative methods for managing payment details, such as dedicated password managers or secure payment platforms.
Cybersecurity experts recommend that users regularly update their security software and remain vigilant for suspicious activity on their accounts.
Google is expected to address this vulnerability in future updates, but until then, users must take proactive steps to protect their financial information.
Are You From SOC/DFIR Teams? – Try Advanced Malware and Phishing Analysis With ANY.RUN – 14-day free trial
The post White Snake Updated New Features to Steal Credit Cards CVC Codes from Chrome appeared first on Cyber Security News.
LastPass: Hackers targeted employee in failed deepfake CEO call
LastPass: Hackers targeted employee in failed deepfake CEO call
LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company’s Chief Executive Officer. […] Read More
BleepingComputer
Nigeria Drops Charges Against Tigran Gambaryan, Jailed Binance Exec and Former IRS Agent
Nigeria Drops Charges Against Tigran Gambaryan, Jailed Binance Exec and Former IRS Agent
After eight months, one of the US’s most prominent crypto-crime investigators may finally be coming home. Read More