Tag Archive for: image

Hackers Hiding Keylogger, RAT Malware in SVG Image Files


Critical Infrastructure Security
,
Cybercrime
,
Endpoint Security

New Campaign Evades Security Tools to Deliver Agent Tesla Keylogger and XWorm RAT

Hackers Hiding Keylogger, RAT Malware in SVG Image Files

Threat actors are hiding malware in SVG image files to evade detection and deliver ransomware, download a banking Trojan and distribute malware.

See Also: Live Webinar | Secrets Detection: Why Coverage Throughout the SDLC is Critical to Your Security Posture

Cofense Intelligence researchers in January observed a two-month campaign that used SVG files to deliver Agent Tesla Keylogger and XWorm RAT malware. The researchers advise security teams to remind users to watch for unexpected downloads upon opening an SVG file, the telltale sign of a compromise.

The Scalable Vector Graphic file format uses mathematical equations to describe images, which enables them to be scaled without loss of image quality and makes them suitable for diverse design applications.

AutoSmuggle, an open-source tool released in May 2022, enables threat actors to embed malicious files within SVG or HTML content, bypassing security measures such as secure email gateways and increasing the chances of successful malware delivery.

The use of SVG files for malware delivery was first observed in 2015, but researchers said hackers have refined their tactics to bypass security measures and successfully distribute harmful payloads. SVG files distributed Ursnif malware in 2017 and were used to smuggle .zip archives…

Source…

2 Las Vegas casinos fell victim to cyberattacks, shattering the image of impenetrable casino security


AS VEGAS — A persistent error message greeted Dulce Martinez on Monday as she tried to access her casino rewards account to book accommodations for an upcoming business trip.

That’s odd, she thought, then toggled over to Facebook to search for clues about the issue on a group for MGM Resorts International loyalty members. There, she learned that the largest casino owner in Las Vegas had fallen victim to a cybersecurity breach.

Martinez, 45, immediately checked her bank statements for the credit card linked to her loyalty account. Now she was being greeted by four new transactions she did not recognize — charges that she said increased with each transaction, from $9.99 to $46. She canceled the credit card.

Unsettled by the thought of what other information the hackers may have stolen, Martinez, a publicist from Los Angeles, said she signed up for a credit report monitoring program, which will cost her $20 monthly.

“It’s been kind of an issue for me,” she said, “but I’m now monitoring my credit, and now I’m taking these extra steps.”

MGM Resorts said the incident began Sunday, affecting reservations and casino floors in Las Vegas and other states. Videos on social media showed video slot machines that had gone dark. Some customers said their hotel room cards weren’t working. Others said they were canceling their trips this weekend.

The situation entered its sixth day on Friday, with booking capabilities still down and MGM Resorts offering penalty-free room cancelations through Sept. 17. Brian Ahern, a company spokesperson, declined Friday to answer questions from The Associated Press, including what information had been compromised in the breach.

By Thursday, Caesars Entertainment — the largest casino owner in the world — confirmed it, too, had been hit by a cybersecurity attack. The casino giant said its casino and hotel computer operations weren’t disrupted but couldn’t say with certainty that personal information about tens of millions of its customers was secure following the data breach.

The security attacks that triggered an FBI probe shatter a public perception that casino security requires an “Oceans 11”-level effort to defeat…

Source…

Image Sensor Market Size to hit $49.4 Billion by 2030, Says Reports Insights


REPORTSINSIGHTS CONSULTING PVT LTD

REPORTSINSIGHTS CONSULTING PVT LTD

Key players covered in Image Sensor Market Report are Sony Corporation, Samsung Electronics Co. Ltd., Canon, Hamamatsu Photonics K.K, Panasonic Corporation, ON Semiconductor Corporation , STMicroelectronics N.V., SK Hynix, PixArt Imaging , Pixelplus, GalaxyCore Shanghai Ltd. Corporation, PMD Technologies AG, AMS AG

Ney Work, Dec. 08, 2022 (GLOBE NEWSWIRE) — As per the research report Image Sensor Market published by Reports Insights, the market is projected to reach USD 49.4 billion by the year 2030 from the value of USD 26.3 billion in 2022, Is anticipated to register a CAGR of 8.2% during 2022-2030, propelled by augmented demand for technologically advanced smart devices and autonomous vehicles among consumers.

An image sensor, also known as imager, is the device that identifies and delivers the information which is used to form an image. The sensor converts the variable attenuation of light waves (or electromagnetic radiation) into the signals/minor bursts of current that transfer the information. The crucial function of the image sensor is to convert photons into electrons, and further into a digital value or voltage with the help of analog to digital converter (ADC).

Get Sample Report: – https://www.reportsinsights.com/sample/673627

The advanced products such as Sony’s CMOS Image Sensor integrated in Automotive Cameras are designed to create the “Beyond Human Eyes” camera systems for effective autonomous driving. Thus, the high integration of smart technology in automobiles is anticipated to boost the demand of image sensors.  Furthermore, the technologically advanced image sensor-based products aid in delivering the features like high-quality HDR capturing and LED flicker mitigation, which enables the high precision recognition irrespective of the lighting conditions.

Report Attributes

Report Details

Market Size By 2030 

$ 49.4 billion

Study Timeline

2018-2030

CAGR (2022-2030)

8.2%

Base Year

2022

Forecast Period

2022-2030

Report Coverage

Total Revenue Forecast, Company Ranking and Market Share, Regional Competitive Landscape, Growth Factors, Business Strategies, and more

By Technology

Charge-Coupled Device (CCD), Complementary Metal Oxide…

Source…

Hacking campaign uses infected James Webb Telescope image


A newly discovered hacking campaign is exploiting an image from the James Webb Telescope to infect targets with malware.

Detailed today by researchers at Securonix Inc. and dubbed “GO#WEBBFUSCATOR,” the campaign leverages a deep field image taken from the telescope and obfuscated Golang programming language payloads to infect a potential victim.

The infection vector starts with a phishing email containing a Microsoft Office attachment containing an external reference hidden inside the document’s metadata which downloads a malicious template file. When the document is opened, the malicious template file is downloaded and saved on the system, initiating the first stage of code execution for the attack.

Eventually, the script downloads a JPEG image that shows the James Webb Telescope deep field image. The image contains malicious Base64 code disguised as an included certificate, which is then decrypted and saved into a built-in Windows executable called “msdllupdate.exe.”

The generated file is a Windows 64-bit executable about 1.7 megabytes in size and employs several obfuscation techniques to hide from antivirus software and to make analysis difficult. “At the time of publication, this particular file is undetected by all antivirus vendors,” the researchers note.

“It’s clear that the original author of the binary designed the payload with both some trivial counter-forensics and anti-endpoint detection and response detection methodologies in mind,” the researchers added.

The researchers conclude that the methodology used in the attack chain is interesting. Although the use of Golang is not uncommon, its combination, in this case, with the Certuitil command-line program is much less common.

“This campaign once again proposes the risk inherent in the concept of digital trust and its implications in the field of security,” Paolo Passeri, principal sales engineer at cybersecurity software company Netskope Inc., told SiliconANGLE.

Referencing the growth of remote work, Passeri noted that “users now place more reliance on digital interactions than on human ones, which lowers the level of guard against any content coming from the internet and are no…

Source…