The list of MOVEit hack victims continues to grow. Nickelodeon says breach contained decades old data. What nonprofits need to know about world privacy protections. Read More
The CyberWire
The all in one place for non-profit security aid.
The list of MOVEit hack victims continues to grow. Nickelodeon says breach contained decades old data. What nonprofits need to know about world privacy protections. Read More
The CyberWire
End of VBScript! Microsoft Replacing it With Advanced Alternatives
Microsoft has officially announced the gradual deprecation of VBScript, with plans to replace it with more advanced alternatives such as JavaScript and PowerShell.
The move comes as part of Microsoft’s commitment to providing users with the best and most efficient experiences.
VBScript, a lightweight scripting language introduced by Microsoft in 1996, has been widely used for automating tasks and controlling applications on Windows-based systems. However, with the advancement of technology, more modern and efficient options are now available.
Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers
The deprecation will occur in three phases. Beginning with the new OS release slated for later this year, VBScript will be available as features on demand (FODs).
The feature will be completely retired from future Windows OS releases as Microsoft transitions to more efficient PowerShell experiences.
As a result of this change, projects that rely on VBScript will stop functioning once the language is fully retired. Microsoft expects users to switch to suggested alternatives by then.
These alternatives offer enhanced capabilities and better performance, aligning with the advancements in technology over the years. PowerShell, in particular, is highlighted as a more efficient experience for task automation and system management.
The move to deprecate VBScript is part of Microsoft’s efforts to modernize scripting options for web development and task automation. By replacing VBScript with more advanced alternatives, Microsoft aims to provide users with the most modern and efficient options available.
Malicious actors have used VBScript to distribute malware strains like Lokibot, Emotet, Qbot, and DarkGate. Deprecating VBScript is likely part of Microsoft’s broader strategy to mitigate the increasing prevalence of these malware campaigns.
For more information on VBScript deprecation and best practices for transitioning to alternative technologies, Microsoft encourages users to visit the Windows Tech Community and follow their updates.
The primary reasons for deprecating VBScript appear to be enhancing security by preventing its use in malware distribution, encouraging the transition to modern scripting alternatives, and allowing Microsoft to remove a legacy component that may contain vulnerabilities. However, Microsoft has not provided an official, detailed explanation behind this decision.
ANYRUN malware sandbox’s 8th Birthday Special Offer: Grab 6 Months of Free Service
The post End of VBScript! Microsoft Replacing it With Advanced Alternatives appeared first on Cyber Security News.
Microsoft Warns of Storm-0539: The Rising Threat Behind Holiday Gift Card Frauds
Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it’s tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and SMS phishing attacks against retail entities during the holiday shopping season.
The goal of the attacks is to propagate booby-trapped links that direct victims to adversary-in-the-middle (AiTM Read More
The Hacker News | #1 Trusted Cybersecurity News Site
Beware of BlackPlague Malware That Steals Discord Token & Telegram Sessions
Cybersecurity experts have identified a new strain of malware named “BlackPlague” that targets explicitly popular communication platforms Discord and Telegram.
This sophisticated malware is designed to steal user tokens and session data, posing a significant threat to the privacy and security of millions of users worldwide.
According to a report shared by MonThreat on social media, BlackPlague malware has been rapidly spreading, exploiting vulnerabilities in both Discord and Telegram.
BlackPlague Stealer Shared
A new stealer malware called BlackPlague, which is written in C# and continues to develop with Python for faster performance has been shared. BlackPlague stealer is claimed to be able to capture Discord tokens, Steam, Ubisoft, and Telegram sessions.… pic.twitter.com/c4y8aVfPLy
— ThreatMon (@MonThreat) May 21, 2024
ANYRUN malware sandbox’s 8th Birthday Special Offer: Grab 6 Months of Free Service
The malware infiltrates users’ systems and extracts sensitive information, including Discord tokens and Telegram session data.
Malicious actors can then use these tokens and session data to gain unauthorized access to user accounts, potentially leading to data breaches, identity theft, and other cybercrime.
The malware’s ability to bypass traditional security measures and its focus on widely-used communication platforms make it particularly dangerous.
Cybersecurity experts urge users to be vigilant and take proactive steps to protect their accounts.
This includes enabling two-factor authentication, regularly updating passwords, and being cautious about downloading files or clicking on links from unknown sources.
Cybersecurity professionals recommend several measures to safeguard personal information in light of the growing threat posed by BlackPlague.
Firstly, users should ensure that their software and applications are up-to-date, as updates often include patches for known vulnerabilities.
Additionally, robust antivirus and anti-malware solutions can help detect and neutralize threats before they cause harm.
Users are also advised to monitor their accounts for any unusual activity and report suspicious behavior to the respective platform’s support team.
By staying informed and adopting best practices for online security, individuals can significantly reduce the risk of falling victim to BlackPlague and other similar threats.
As the digital landscape continues to evolve, the importance of cybersecurity cannot be overstated.
The emergence of BlackPlague is a stark reminder of the ever-present dangers in the online world and the need for constant vigilance to protect personal and sensitive information.
Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers
The post Beware of BlackPlague Malware That Steals Discord Token & Telegram Sessions appeared first on Cyber Security News.