APT15 is running a cyberespionage campaign against foreign ministries and other diplomatic targets. Read More
The CyberWire
The all in one place for non-profit security aid.
APT15 is running a cyberespionage campaign against foreign ministries and other diplomatic targets. Read More
The CyberWire
Discord.io confirms breach after hacker steals data of 760K users
The Discord.io custom invite service has temporarily shut down after suffering a data breach exposing the information of 760,000 members. […] Read More
BleepingComputer
Learn 100+ Premium Cyber Security Courses Online with $100 Christmas Gift!
Ethical Hackers Academy, Inc., one of the world’s leading Premium Cyber Security training platform, offers 100+ advanced cybersecurity courses that cover all the corners of cybersecurity.
With an exclusive Diamond Membership with lifetime access from Ethical Hackers Academy, you will complete all-in-one cybersecurity training and then progress to learn advanced levels of technology. The course transforms your skills and encompasses a very broad area. Highly skilled instructors handle all the courses.
These courses will help boost your career and enhance your cyber skills, which can add value to your organization, wherever you are. Such skills can give you the experience to be prepared and equipped to take that next step toward achieving your goals.
As a Christmas gift, Ethical Hackers Academy offers a $100 flat discount for a Diamond Membership, and the Discount will be auto-applied on the checkout page. You can claim the offer by clicking the below link.
Enrolling in a cybersecurity membership program that offers access to over 100 courses can be an excellent way to broaden your knowledge and skills in this field. Here are some tips and considerations for making the most out of such a membership:
Assess Your Current Skill Level: Before diving into the courses, assess your existing knowledge and skills in cybersecurity. This will help you identify the most relevant courses for your current level and career goals.
Set Clear Goals: Determine what you want to achieve with these courses. Are you looking to gain a broad understanding of cybersecurity, or are you focusing on a specific area like network security, ethical hacking, or digital forensics?
Create a Learning Plan: With so many courses available, organizing your learning journey is important. Create a structured plan that outlines which courses you’ll take and when. This plan should align with your goals and available time.
Start with Fundamentals: If you’re new to cybersecurity, start with courses that cover the basics. Understanding fundamental concepts is crucial before moving on to more advanced topics.
Explore Different Domains: Cybersecurity is a vast field with many subdomains. Take advantage of the variety of courses to explore different areas and find what interests you the most.
Practical Application: Look for courses that offer practical, hands-on experiences. Theoretical knowledge is important, but the ability to apply what you’ve learned is crucial in cybersecurity.
Stay Consistent: Regular study and practice are key. Set aside dedicated time each week for your cybersecurity studies to ensure steady progress.
Engage with the Community: If the membership includes community access, participate in discussions, forums, and webinars. Networking with instructors and peers can provide additional learning opportunities and career advice.
Track and Reflect on Your Progress: Regularly review what you’ve learned and how you’ve applied it. This reflection can help you adjust your learning plan as needed.
Certification Preparation: If your goal is to obtain cybersecurity certifications, use the courses to prepare for these exams. Many memberships offer courses specifically designed for certification preparation.
Stay Updated: Given the rapidly evolving nature of cybersecurity, look for regularly updated courses with the latest information and practices.
Leverage Career Resources: If the program offers career development resources, take full advantage of them. These might include resume reviews, job search tips, or interview preparation.
Ethical Hackers Academy lets you explore 100+ advanced cybersecurity courses in diverse areas by carefully picking courses from the world’s most skilled cybersecurity authors in their respective areas of interest to prepare the contents to ensure learners get an in-depth practical learning experience.
With the increasing prevalence of cyber threats, there is a high demand for cybersecurity professionals with advanced skills.
Diamond Membership offers 100+ advanced cybersecurity courses can open up many job opportunities, including positions such as cybersecurity analyst, penetration tester, security architect, incident responder, and more.
These roles often come with attractive salary packages and job security.
Courses from Diamond Membership equip you with the knowledge and skills to understand and address the latest cyber threats.
You’ll learn about emerging attack techniques, vulnerabilities, and security solutions.
By staying ahead of evolving threats, you can better protect organizations from sophisticated cyber attacks.
Cybersecurity professionals with advanced skills and certifications typically command higher salaries than those with basic knowledge.
Employers value individuals who can handle complex security challenges and mitigate risks effectively.
Investing in a Diamond membership with advanced cybersecurity courses can increase your earning potential.
Cybersecurity is rapidly growing, and the demand for skilled professionals continues to rise.
Organizations of all sizes and industries need experts to protect their sensitive data and digital assets.
Courses from Diamond membership let you expand your knowledge through advanced courses that can enhance your job security and become an indispensable asset to employers.
Advanced cybersecurity courses from Diamond Membership delve into specific domains, such as network security, ethical hacking, digital forensics, secure coding, or cloud security.
You can develop specialized expertise in a particular area by choosing Diamond Membership aligned with your interests and career goals.
This skill diversification can make you more valuable in the job market and enable you to take on challenging projects.
Diamond Membership offers you lifetime Access to more than 100+ Ethical Hacking courses to help you learn it your way and get on the road to becoming one of the finest experts in leading cyber security domains as follows:
Penetration Testing
Vulnerability Assessment
Security Auditing
Ethical Hacking
Malware Analysis
Bug Bounty
Exploit Development
Kali Linux Training
Android Hacking
Network Hacking
GDPR
Python Programming
Threat Analysis
Reverse Engineering
Cyber Forensics
IoT Security
SOC operations training
Web hacking
Digital Forensics
CompTIA
CISSP
AWS Security
Docker Security
Kubernetes Security
Data Protection & Compliance
Incident Response
Cloud Penetration Testing
Learn 100+ Hacking tools and more.
100+ Curated Courses and E-Degrees
3000+ hours of Training videos
20+ New Courses Added Every Year
1 E-Degree Added Every Year
24/7 Unlimited Access
Lifetime Subscription
Lifetime Technical Support and Update
Interactive Learning Modules
Certifications with CPE Credits
Complete Practical Training
Practical labs and Setup Guide
500+ Downloadable E-Book and materials
Network Penetration tester
Web penetration Tester
Malware Analyst
Network Security Professionals
Network Admins
Security System Administrators
Vulnerability tester
Security researcher
Red Team member
Blue Team Member
SOC Analyst.
Security Auditor.
Security Engineer.
Security analyst (II)
Vulnerability assessment analyst
Network security operations
Application security vulnerability
Ethical hacker, Cyber Security Analyst
Security Manager.
Anyone who wants to start a career in Cyber Security & Ethical hacking.
Anyone who wants to upskill cybersecurity from the basics to the Advanced level
Any Security professionals who want to stay updated.
Any developers and testers who wish to be Penetration testers.
Anyone curious about Ethical Hacking, Penetration Testing
Anyone who wants to become a Cyber Security Professional.
Anyone interested in real-time penetration testing of the enterprise network
The post Learn 100+ Premium Cyber Security Courses Online with $100 Christmas Gift! appeared first on Cyber Security News.
Cyber Security News
Hackers Exploit YouTube Videos to Deliver Password Stealing Malware
[[{“value”:”
Threat actors hunt for ways to exploit vulnerabilities by employing tactics from technical zero-days to broad phishing.
Social engineering blends with commodity malware on high-traffic sites, like social media, that allows quick, cheap, and widespread attacks.
Despite seeming trivial, these infections, such as AI-generated videos on YouTube offering malware disguised as cracked software, pose significant risks to users and organizations.
Document
Live Account Takeover Attack Simulation
How do Hackers Bypass 2FA?
Live attack simulation Webinar demonstrates various ways in which account takeover can happen and practices to protect your websites and APIs against ATO attacks
.
The attacker seizes control of inactive YouTube channels using leaked old credentials. Then, they upload a distinct short video that differs from the channel’s previous content by enticing victims with promises of cracked software, reads Cyberreason report.
An account focused on rap music till 2021 suddenly shared a cracked Adobe Animate version in August 2023. Experts notice the consistent layout of thumbnails and titles.
Videos use AI-generated content, mixing voice-to-text and text on animated backgrounds. Audience size varies from zero to over a hundred thousand subscribers.
Threat actors boost video requests with tricks like SEO poisoning, adding tons of tags related to cracked software searches. Tags even match the languages of targeted regions by hinting at localized attack campaigns.
Threat actors manipulate video comments for trust by using compromised accounts or disabling comments to trap victims.
Videos guide to a description with a link to alleged cracked software that accesses passwords and masks URLs via link shorteners like Rebrandly or Bitly.
The malicious payload on file-sharing or compromised sites infects victims who download thinking it’s legit.
Infostealers & Malware obersved
Here below, we have mentioned all the types of info stealers and malware that are observed:-
Raccoonstealer
Tropicraked
The latest video promises Microsoft Office crack, uploaded 13 days ago. The description has a Rebrandly link with a password, and the link redirects to the Telegraph URL by hiding the actual download link.
Telegraph allows anonymous publishing, and the timestamp indicates activity since November 24, 2022; the link leads to MediaFire hosting Setup (PA$S 5577).rar.
Mediafire Download Link (Source – Cybereason)
While the password needed to decompress the rar file and the Setup.exe claims to be a Makedisk product, but analysis confirms it’s malicious.
The file’s metadata reveals it’s a Smart Assembly .NET-obfuscated .NET binary with a compile date of August 30, 2023. Tools like de4dot and dnSpy are needed for static analysis.
The VirusTotal flags it as Redline, but Setup.exe executes it by triggering vbc.exe. Vbc.exe connects to a Finland-based IP (95.217.14.200) which was flagged as a Redline C2 server.
Cybereason detects a Malicious Operation (MalOp) with potential credential theft and data exfiltration. A successful Redline infection grants the threat actor access by allowing further exploitation and lateral movement within the network.
TropiCracked efficiently exploits a cost-effective infrastructure using YouTube, Telegraph, and Mediafire for broad access.
The attack, by leveraging compromised YouTube accounts, Redline access, and Google Dorking, targets over 800 accounts with minimal cost and technical skill.
Despite social media efforts, individuals and organizations must secure endpoints against such attacks.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
The post Hackers Exploit YouTube Videos to Deliver Password Stealing Malware appeared first on Cyber Security News.
“}]] Read More
Cyber Security News