New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware
The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023.
"The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections," the
The Hacker News | #1 Trusted Cybersecurity News Site
New Ficker Stealer Malware Attacking Windows systems to Steal Sensitive Data
Ficker Stealer is a type of malware that steals sensitive information from over 40 browsers, including popular ones like Chrome, Firefox, Edge, and Opera. It first emerged in 2020 and is known for promoting itself with these capabilities.
It can steal sensitive information stored on a victim’s computer, including:
Cryptocurrency wallet addresses.
Passwords from web browsers.
Credit card details.
SSH passwords or FTP login information.
Computer login passwords.
Any credentials stored by the Windows Credential Manager.
Ficker Stealer primarily infiltrates systems through phishing emails, preying on unsuspecting victims who unknowingly download malicious attachments.
It also exploits compromised websites, leveraging social engineering to deceive users and gain unauthorized access to their machines.
The malware’s capabilities are chilling – it steals passwords, credit card details, files, and more.
Ficker Stealer goes beyond traditional keylogging, employing a range of tactics such as process injection, browser tracking, and file extraction.
It takes full advantage of its modular design to target specific forms of data, making it a potent weapon for cybercriminals.
The Craftsmanship Behind Ficker Stealer
One distinctive feature of Ficker Stealer is its programming language – Rust.
This choice improves the malware’s performance and robustness: Rust’s efficiency supports complex malicious programs, and its memory-safety mechanisms reduce bugs in the malware’s own code, which also makes the samples harder for security researchers to analyze.
Ficker Stealer employs a range of techniques to extract sensitive data:
Keylogging: Capturing keyboard inputs to steal passwords and other confidential data.
Browser Tracking: Monitoring users’ browser activities to harvest login credentials, cookies, and more.
Process Injection: Embedding itself within legitimate processes to gain access to protected areas of the system.
File Extraction: Configurable to gather various files from compromised systems.
Loader Functionality: Serving as a platform to drop and execute additional malicious programs.
Ficker Stealer employs encryption to protect data transferred to its Command and Control (C2) server.
It communicates using encrypted channels, making detection and interception challenging.
The malware also reports back to attackers following successful operations, leaving no trace on the victim’s computer.
This stealthy behavior complicates efforts to track its activities.
Unmasking Ficker Stealer’s Execution Process
Ficker Stealer’s behavior comes to light when examined within the ANY.RUN sandbox.
Ficker Stealer in ANY.RUN
This platform allows researchers to analyze the malware’s activities in a controlled environment.
Ficker Stealer configuration extracted in ANY.RUN
From its execution process to configuration extraction, the sandbox reveals the malware’s tactics, techniques, and procedures (TTPs) in a real-time setting.
The Ficker Stealer malware poses a substantial threat to Windows users’ data security.
Its advanced techniques, stealthy behavior, and modular design make it a formidable adversary.
In the ever-evolving landscape of cyber threats, understanding Ficker Stealer’s workings and adopting defensive measures are crucial for safeguarding sensitive information.
Exercising caution while interacting with emails, especially those from unfamiliar senders, is paramount. Suspicious attachments or links should be avoided.
The European Union Agency for Cybersecurity (ENISA) has published a comprehensive list of the top ten emerging cybersecurity threats anticipated to impact the digital landscape by 2030.
This forecast is the outcome of an extensive eight-month foresight exercise, incorporating insights from the ENISA Foresight Expert Group, the CSIRTs Network, and EU CyCLONe experts.
ENISA’s Executive Director, Juhan Lepassaar, emphasized the urgency of addressing these risks, stating, “The mitigation of future risks cannot be postponed or avoided. This is why any insight into the future is our best insurance plan.”
The exercise underscores the diversity of the threats and the evolving nature of today’s challenges, which will continue to shift in character over the next decade.
The top ten threats identified by ENISA are:
Supply Chain Compromise of Software Dependencies: As systems grow more complex and reliant on third-party components, the risk of attacks exploiting these dependencies is expected to rise.
Skill Shortage: The cybersecurity industry faces a significant talent gap, projected to persist, potentially exacerbating security breaches.
Human Error and Exploited Legacy Systems Within Cyber-Physical Ecosystems: Insecure critical infrastructure and IoT systems pose a substantial risk, with human error compounding the threat.
Exploitation of Unpatched and Out-of-date Systems: The overwhelming pace of technological advancements may lead to neglected updates, leaving systems vulnerable.
Rise of Digital Surveillance Authoritarianism / Loss of Privacy: Advancements in surveillance technologies threaten individual privacy and data security.
Cross-border ICT Service Providers as a Single Point of Failure: The increasing reliance on service providers could lead to significant vulnerabilities if these entities are compromised.
Advanced Disinformation / Influence Operations (IO) Campaigns: The sophistication of disinformation campaigns is expected to grow, potentially undermining societal trust and cohesion.
Rise of Advanced Hybrid Threats: Cyberattacks may become more complex, blending digital and physical security threats in unforeseen ways.
Abuse of AI: The misuse of AI technologies could lead to enhanced criminal operations and manipulation of information.
Physical Impact of Natural/Environmental Disruptions on Critical Digital Infrastructure: Natural disasters and environmental changes could directly impact the resilience of digital infrastructures.
ENISA’s foresight analysis serves as a strategic tool for understanding the evolution of threats and provides a roadmap for policymakers and cybersecurity practitioners to prepare and mitigate these emerging risks.
The agency’s proactive approach aims to bolster the EU’s cybersecurity resilience by raising awareness and promoting countermeasures among member states and stakeholders.
The report’s findings are intended to inspire action and enhance the EU’s preparedness for the cybersecurity challenges of the future.
As the digital landscape continues to evolve, ENISA’s foresight exercise highlights the importance of continuous vigilance and adaptation to safeguard against the ever-changing threat landscape.
Microsoft Flags Growing Cybersecurity Concerns for Major Sporting Events
Microsoft is warning of the threat malicious cyber actors pose to stadium operations, noting that the cyber risk surface of live sporting events is "rapidly expanding."
"Information on athletic performance, competitive advantage, and personal information is a lucrative target," the company said in a Cyber Signals report shared with The Hacker News. "Sports teams, major league and global