One Article Review
| Source |  knowbe4 |
|---|---|
| Identifiant | 8334782 |
| Date de publication | 2023-05-09 13:00:00 (vue: 2023-05-09 13:09:04) |
| Titre | Cyberheistnews Vol 13 # 19 [Watch Your Back] Nouvelle fausse erreur de mise à jour Chrome Attaque cible vos utilisateurs CyberheistNews Vol 13 #19 [Watch Your Back] New Fake Chrome Update Error Attack Targets Your Users |
| Texte |
CyberheistNews Vol 13 #19 | May 9th, 2023
[Watch Your Back] New Fake Chrome Update Error Attack Targets Your Users
Compromised websites (legitimate sites that have been successfully compromised to support social engineering) are serving visitors fake Google Chrome update error messages.
"Google Chrome users who use the browser regularly should be wary of a new attack campaign that distributes malware by posing as a Google Chrome update error message," Trend Micro warns. "The attack campaign has been operational since February 2023 and has a large impact area."
The message displayed reads, "UPDATE EXCEPTION. An error occurred in Chrome automatic update. Please install the update package manually later, or wait for the next automatic update." A link is provided at the bottom of the bogus error message that takes the user to what\'s misrepresented as a link that will support a Chrome manual update. In fact the link will download a ZIP file that contains an EXE file. The payload is a cryptojacking Monero miner.
A cryptojacker is bad enough since it will drain power and degrade device performance. This one also carries the potential for compromising sensitive information, particularly credentials, and serving as staging for further attacks.
This campaign may be more effective for its routine, innocent look. There are no spectacular threats, no promises of instant wealth, just a notice about a failed update. Users can become desensitized to the potential risks bogus messages concerning IT issues carry with them.
Informed users are the last line of defense against attacks like these. New school security awareness training can help any organization sustain that line of defense and create a strong security culture.
Blog post with links:https://blog.knowbe4.com/fake-chrome-update-error-messages
A Master Class on IT Security: Roger A. Grimes Teaches You Phishing Mitigation
Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they\'re more targeted, more cunning and more dangerous. And this enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more.
Join Roger A. Grimes, KnowBe4\'s Data-Driven Defense Evangelist, |
| Envoyé | Oui |
| Condensat | #19 #19 #starwars #wesanderson 02/ai 100 120 1749 1832 1937:https://www 1942 2017 2023 28th 2:00 30+ 365 405 438 475 56nuacoc6w 80percent 938 9th :https://therecord :https://www aa1abcum ability able about absolutely abuses accounts achievement across act action active actual add adding additionally administrator administrators adopt advanced advertisers affected after afterwards again against agents ago agree ahead/ar ahead:https://www ai:https://flipboard akin alert all almost alpine:https://www also ammo amusing and/or announced annual anonymous answers any anything api app appeared appellate april apt28 are area argument around artifacts artificial asked assigning assistance assistant associated atomic attachment attachments attack attack/385866/ attack:https://www attacks attend authenticity author automate automatic award awareness away awesome:https://www back backflips background bad ball barracuda base based basic bear because become been before behalf being believes below benign berkshire best bff bikes bill billion billions blamed bleepingcomputer block blocklist blog bloghttps://blog bloomberg blundering bodies bogus bomb both bottom boyfriend brad breach breaches brick:https://www browser budget buffet buffett building business but button calculated call called campaign campaigns can can: carefully carries carry categories: caused centric ceo ceoknowbe4 cert champion chance charlie chatbot chatbot:https://www chatbots chatgpt chatgptrivals chats checks cheese:https://www children china chn chrome cio cities class clean clearly clever cnbc collide color com/120 com/2023/05/03/google com/2023/05/06/ai com/advertorial/2023/04/18/why com/ai/its com/curiousrefuge/status/1652412004626497536 com/cyberheistnews com/cybersecurity/2023/05/us com/en com/eye com/fake com/feet com/news/articles/2023 com/news/security/hackers com/news/security/kimsuky com/next/2023/05/02/rapid com/p/google com/phisher com/phishing com/press/knowbe4s com/response com/scams com/section/china/opinion/south com/story/fast com/video/independent/5aee5c065d com/watch com/weak com/wsj combination come comes comfortable coming commentaries commented commonly communicating companionship complete compliance complimentary comprehensive compromise compromised compromising computer computers con conceal concerned concerning concerns connections cons consider considered console constant consultant containing contains continued contributes control controls conversation conversational cosmic could council country court courtney cover coverage covered covering create credentials criminal criminals critical cryptojacker cryptojacking csm culture cunning customer customers cut cut:https://www cyber cyberattack cybercriminals cyberheist cyberheistnews cybersecurity cyberthreats cyberwire damages danger dangerous data date/time: days debuts decades dedicated deepmind def defend defense degrade demand demanded demo depth desensitized designed details develop device devolve different difficult diligently directory discord displayed disrupting distributes dives division document does dog dogs done doubled download downloads drain dramatically driven driving dune: duplicate during dust earnings easier easily easy effective effectiveness effortless efforts either email emails emergency emotionally emotions emotions/ employee employees empty encountering end engaged engineering enjoys enormous enough entire entities entries error espionage estate euractiv euronews evaluation evan evangelist even ever every everyone everywhere example example; exception excluded exclusion exe expected experience expires explosion expressed externally eye facebook fact failed failures fake falling familiar family fancy fascinating fave favorite fbi feared feature february feel feet file filters finally find firewall firm first five flatiron:https://www flaw: flight flixxy follow following formatting fortune forward founded founder fox friday friend friendly friends: from fully fun further future fxyugurg gap gaps/ gaps:https://www gathering generative get girl give gives godfath |
| Tags | Ransomware Data Breach Spam Malware Tool Threat Prediction |
| Stories | NotPetya NotPetya APT 28 ChatGPT ChatGPT |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.