
January 02, 2024 – Cyber Briefing

January 2, 2024

👉 What’s going on in the cyber world today?

JinxLoader, DLL Exploit, Lumma Stealer, INC RANSOM, Xerox Corporation, Cactus Ransomware, Coop, Sweden, Orbit Bridge, Australia’s Court, irleaks, Iran, UK Nuclear Waste Project Developer, Black Basta Ransomware, NY Hospitals, Indonesia, Bitcoin Mines, Crypto, Orgon, Anonymous Colombia.

 



🚨 Cyber Alerts


1. JinxLoader Cyber Threat Unveiled

Cybersecurity firms Palo Alto Networks Unit 42 and Symantec reveal a new threat on the horizon: JinxLoader, a Go-based malware loader employed by threat actors to deploy next-stage payloads like Formbook and XLoader. Paying homage to the League of Legends character Jinx, the malware operates with a straightforward yet potent mission: loading malicious payloads. Advertised on hackforums[.]net for $60 a month or $200 for a lifetime fee, JinxLoader is infiltrating systems through phishing emails, impersonating Abu Dhabi National Oil Company (ADNOC) and relying on multi-step attack sequences to wreak havoc.


2. Windows DLL Threat Unveiled

A new threat emerges as security researchers uncover a sophisticated variant of DLL search order hijacking, presenting a potential security loophole for attackers targeting systems running Microsoft Windows 10 and Windows 11. Cybersecurity firm Security Joes details this novel technique that leverages executables in the trusted WinSxS folder, allowing threat actors to bypass security measures and execute malicious code without requiring elevated privileges. Unlike traditional DLL search order hijacking, this method introduces a subtle and stealthy approach, emphasizing the need for organizations to closely monitor activities in the WinSxS folder and examine parent-child relationships between processes to thwart potential exploitation.


3. Lumma Stealer Threatens Google Accounts

Researchers raise alarm as multiple malware-as-a-service info stealers, notably the Lumma Stealer, now possess the ability to manipulate authentication tokens, providing hackers with persistent access to a victim’s Google account even after a password reset. Cybersecurity firm CloudSEK reports that since November, Lumma Stealer has incorporated this capability, exploiting the undocumented functionality of OAuth 2.0, a widely-used security protocol for Google-connected accounts via single sign-on. The sophistication of this exploit, coupled with its blackboxing approach to hide malicious activities, marks a concerning trend in the evolving landscape of cyber threats, as other malware distribution groups quickly adopt and spread this vulnerability, posing severe risks to affected users and organizations.


4. Researchers Jailbreak AI Chatbots

Researchers at Nanyang Technological University in Singapore employed a technique known as “jailbreaking” to compromise and manipulate chatbots, including ChatGPT, Google Bard, and Microsoft Bing, making them generate content that violated their own guidelines. The research team exploited flaws in the chatbots’ systems, using a database of successful prompts to train a large language model (LLM) capable of automating the generation of jailbreak prompts. Despite developers’ efforts to implement guardrails against generating inappropriate content, the study reveals the vulnerability of AI chatbots to jailbreak attacks, emphasizing the need for continuous vigilance and security enhancements in the development of AI technologies.



💥 Cyber Incidents


5. INC RANSOM Hacks Xerox Corp

Xerox Corp, known for its global document management solutions, confronts a breach claimed by the INC RANSOM ransomware group, threatening to expose allegedly pilfered data. The ransomware group published images of documents as evidence and remains responsible for breaching over 40 organizations since its 2023 inception, heightening concerns about the extent of data compromised from Xerox Corp.


6. Cactus Hack Hits Swedish Coop

Coop, a significant Swedish retail and grocery provider, confronts a severe security threat as the Cactus ransomware group claims access to more than 21,000 directories of personal information. Despite Coop’s unique profit-sharing model, this breach emphasizes the aggressive tactics of ransomware groups, raising alarm about cybersecurity risks within retail sectors. The sophistication displayed by the Cactus ransomware operation in employing encryption methods and legitimate tools for data access amplifies the vulnerability of Coop and its extensive chain of stores.


7. Orbit Chain Hit by $82M Cyber Attack

In a recent cyber attack, hackers reportedly exploited the Orbit Bridge, a crucial bridging service in the cross-chain protocol Orbit Chain, making off with a staggering $82 million. Pseudonymous Twitter user Kgjr and blockchain security firm Cyvers brought attention to the exploit, revealing significant outflows from the Orbit Chain Bridge protocol. The hackers conducted five separate transactions, siphoning $81.68 million in Tether, USD Coin, Ether, Wrapped Bitcoin (WBTC), and Dai to new wallets, raising concerns about the security of the Orbit Chain protocol and its connections to the Klaytn network.


8. Cyber Attack Hits Victoria’s Court System

The court system in Victoria, Australia, grapples with a cyber-attack, revealing unauthorized access to weeks of recorded hearings. Court Services Victoria (CSV) detected the breach on December 21, tracing back the compromise of the audio-visual technology network to November 1. The breach, affecting supreme, county, magistrates, and coroner’s courts, raised concerns about data access, with CSV taking measures to isolate the affected network and strengthen security across the broader court technology system.


9. Iran Cyber Breach Exposes 160M Records

A mysterious hacker, known as ‘irleaks,’ targeted major insurance companies in Iran, offering over 160 million records for sale, sparking concerns about sensitive data breaches. The hacker claimed possession of extensive personal details, prompting worries over cybersecurity vulnerabilities within the country’s insurance sector and beyond. Hudson Rock’s analysis confirmed the authenticity of the leaked data, hinting at a potentially coordinated cyber operation by an unidentified nation-state actor.


10. UK Nuclear Waste Project Faces Cyber Threats

Cyber-hackers have set their sights on Radioactive Waste Management (RWM), the company overseeing the £50 billion Geological Disposal Facility (GDF) project, aimed at building an extensive underground nuclear waste store in the UK. The unsuccessful breach attempt was orchestrated via LinkedIn, where hackers targeted individuals associated with the GDF project. Although the cyber incidents had no significant impact, the revelation underscores the persistent threats faced by major projects, emphasizing the need for robust cybersecurity measures in critical infrastructure development.



📢 Cyber News


11. Decryptor Recovers Black Basta Files

Security Research Labs has developed a decryptor, known as the “Black Basta Buster,” exploiting a flaw in the Black Basta ransomware’s encryption algorithm. Victims targeted from November 2022 to the present may be able to recover their files for free using this tool. Although effective for recent attacks, the decryption technique is no longer applicable to newer incidents as Black Basta developers patched the bug in their encryption routine about a week ago, tightening security measures in the ransomware.


12. NY Hospitals Pursue Ransomware Data

Two New York hospitals, Carthage Area Hospital and Claxton-Hepburn Medical Center, join forces in the North Star Health Alliance to serve over 220,000 residents, seeking legal action to retrieve data stolen by LockBit ransomware and stored on a Boston cloud company’s servers. The hospitals’ lawsuit aims to recover patients’ sensitive information, including financial details and health records, demanding the destruction of all copied data from the ransomware gang, a move crucial to safeguarding affected individuals and preventing further data misuse. LockBit’s wider disruptive impact on emergency care, affecting hospitals globally, underscores the urgency and severity of this ransomware threat, as it continues to target organizations worldwide, extorting millions since 2020.


13. Bitcoin Mining Crackdowns

Indonesian police have closed 10 Bitcoin mining operations, accusing organizers of nearly $1 million in electricity theft. The North Sumatra Police confiscated 1,134 mining machines and equipment, alleging tampering with electrical circuits to power the extensive operation. This follows a Chinese official’s life sentence for facilitating electricity access for a $329 million Bitcoin mining enterprise, highlighting the global crackdown on unauthorized power usage in the crypto mining sector.


14. Crypto Theft Declines, But Risks Persist

Despite a decrease in crypto theft this year, hackers still managed to steal around $2 billion in various cyberattacks, marking a downturn in the trend since 2020, according to crypto security firms De.FI and TRM Labs. Notable incidents included the $600 million breach of the Ronin network in 2022 and the $200 million hack against Mixin Network in 2023. The report emphasizes the ongoing vulnerabilities within the DeFi ecosystem, pointing out both the strides made in addressing them and the persistent challenges faced by the industry.


15. Anonymous Colombia Hacker Sentenced

A judge in Bogotá sentenced Andres Felipe Cardoso Alvarez, alias Orgon, reportedly linked to Anonymous Colombia, to over 3 years and 5 months in prison for computer crimes. Cardoso illicitly accessed multiple private and public websites, including the Colombian president’s office, mayoral offices, and environmental entities. The Police Cyber Center, contributing to the investigation, highlighted the decentralized structure of Anonymous Colombia, emphasizing that members work independently within hacking operations.



Copyright © 2024 CyberMaterial. All Rights Reserved.
