News
‘I Am Not a Robot’, CAPTCHAs Being Used to Spread Malware, HP Warns
Today at its annual Amplify Conference, HP Inc. (NYSE: HPQ) issued the latest HP Threat Insights Report, highlighting rising usage of fake CAPTCHA verification tests which allow threat actors to trick users into infecting themselves. The campaigns show attackers are capitalizing on people’s increasing familiarity with completing multiple authentication steps online – a trend HP calls ‘click tolerance’.
With analysis of real-world cyberattacks, the HP Threat Insights Report helps organizations to keep up with the latest techniques cybercriminals are using to evade detection and breach PCs. Based on data from millions of endpoints running HP Wolf Security1, notable campaigns identified by HP threat researchers include:
CAPTCHA Me If You Can: As bots get better at bypassing CAPTCHAs, authentication has grown more elaborate – meaning users have become more accustomed to jumping through hoops to prove they are human. HP threat researchers identified multiple campaigns where attackers crafted malicious CAPTCHAs. Users were directed to attacker-controlled sites, and prompted to complete a range of fake authentication challenges. Victims were tricked into running a malicious PowerShell command on their PC that ultimately installed the Lumma Stealer remote access trojan (RAT).
READ ALSO: HP Report Uncovers South African Youth’s Growing Interest in Gaming Careers Amid Awareness Gap
Attackers Capable of Accessing End-Users’ Webcams and Microphones to Spy on Victims: A second campaign saw attackers spreading an open source RAT, XenoRAT, with advanced surveillance features such as microphone and webcam capture. Using social engineering techniques to convince users to enable macros in Word and Excel documents, attackers could control devices, exfiltrate data, and log keystrokes – showing Word and Excel still present a risk for malware deployment.
Python Scripts Used for SVG Smuggling: Another notable campaign shows how attackers are delivering malicious JavaScript code inside Scalable Vector Graphic (SVG) images to evade detection. These images are opened by default in web browsers and execute the embedded code to deploy seven payloads—including RATs and infostealers—offering redundancy and monetization opportunities for the attacker. As part of the infection chain, the attackers also used obfuscated Python scripts to install the malware. Python’s popularity – which is being further boosted by rising interest in AI and data science – means it is an increasingly attractive language for attackers to write malware, as its interpreter is widely installed.
Patrick Schläpfer, Principal Threat Researcher in the HP Security Lab, comments:
“A common thread across these campaigns is the use of obfuscation and anti-analysis techniques to slow down investigations. Even simple but effective defence evasion techniques can delay the detection and response of security operations teams, making it harder to contain an intrusion. By using methods like direct system calls, attackers make it tougher for security tools to catch malicious activity, giving them more time to operate undetected – and compromise victims endpoints.”
READ ALSO: HP Revolutionizes Large Format Printing With The New 36-inch DesignJet Portfolio
By isolating threats that have evaded detection tools on PCs – but still allowing malware to detonate safely inside secure containers – HP Wolf Security has specific insight into the latest techniques used by cybercriminals. To date, HP Wolf Security customers have clicked on more than 65 billion email attachments, web pages, and downloaded files with no reported breaches.
The report, which examines data from calendar Q4 2024, details how cybercriminals continue to diversify attack methods to bypass security tools that rely on detection, such as:
At least 11% of email threats identified by HP Sure Click bypassed one or more email gateway scanners.
Executables were the most popular malware delivery type (43%), followed by archive files (32%).
Dr. Ian Pratt, Global Head of Security for Personal Systems at HP Inc., comments:
“Multi-step authentication is now the norm, which is increasing our ‘click tolerance.’ The research shows users will take multiple steps along an infection chain, really underscoring the shortcomings of cyber awareness training. Organizations are in an arms race with attackers—one that AI will only accelerate.
To combat increasingly unpredictable threats, organizations should focus on shrinking their attack surface by isolating risky actions – such as clicking on things that could harm them. That way, they don’t need to predict the next attack; they’re already protected.”
News
Shatta Wale Bailed Burna Boy From Ghana Prison After Arrest For Smoking Weed – Captan
Ghanian singer, Captan, has claimed that his former record label boss, Shatta Wale, once bailed Nigerian singer Burna Boy out of prison in Ghana after he was allegedly arrested for smoking weed.
Speaking in a recent podcast interview, Captan claimed that Shatta Wale sent him and others to free Burna Boy from police custody.
He also claimed that Shatta Wale and his group once accommodated Burna Boy when he was being hunted by some dangerous men.
READ ALSO: Wale Edun Opens Up After Sack
Captan said, “I once bailed Burna Boy out of prison in Ghana when he was arrested for smoking weed. Shatta Wale sent me and some guys to go and free him from police custody.
“There was a time we also accommodated him when some people were after his life. We helped him settle the case.”
He added that he and Burna Boy are no longer in good terms after the Nigerian artist’s fallout with his mentor, Shatta Wale.
He, however, said he and Shatta Wale are open to reconciling with Burna Boy if he asks for it.
Watch the video here
News
Children’s Day: Chaos At Ogbe Stadium As Dozens Faint
Chaos erupted on Wednesday during the Children’s Day celebration as dozens of students reportedly collapsed following a stampede triggered by the use of pepper spray.
The event,
organised by the Edo State Ministry of Education at the Samuel Ogbemudia Stadium was disrupted after some male students of Ihogbe College allegedly made uncompromising advances towards female students at the venue.
A parent who identified himself as Oboh Emmanuel said, “the behaviour of those uncultured students attracted the attention of bouncers stationed at the stadium as they rebuked the male students.”
Oboh said the affected students later regrouped and attacked the bouncers, leading to a confrontation within the crowded arena.
READ ALSO:Children’s Day: Edo Commits To Child Protection
It was gathered that in the ensuing confusion, the bouncers were reported to have deployed pepper spray in an area occupied by a large number of students.
Several students, particularly female students, reportedly fainted after inhaling the substance, while others sustained injuries after being stepped on during the ensuing melee.
The panic was said to have spread across the stadium as students, teachers and parents scampered for safety.
Many of the affected students were reportedly rushed to the Edo Specialist Hospital for medical attention.
READ ALSO: Egor LG Chair, Ogbemudia, Vice, Osawe Impeached
Reacting to the incident, Chief Press Secretary to Governor Monday Okpebholo, Dr Patrick Ebojele, said the security personnel that fired the tear gas had been detained.
He said all the students, except two, that were rushed to the hospital have been discharged.
Ebojele stated that doctors wanted to observe the students till tomorrow before allowing them to go home.
“The two students are not seriously injured. Doctors want to observe them overnight. Permanent Secretary, Ministry of Education is still at the hospital. The man who used pepper spray has been detained.
“The incident did not happen the way it is being exaggerated. All modalities were put in place to ensure the children enjoyed their day.”
News
Okpebholo Salutes Edo Muslims, Seeks Continued Support, Prayers
Governor Monday Okpebholo of Edo State has urged Muslims and all Nigerians to continue to pray for peace, unity and progress in the country even as they celebrate the annual Eid-al-Adha
The governor, who was represented by his deputy, Dennis Idahosa, stated this during the annual Eid-al-Adha celebration with Muslim faithfuls held at Government House in Benin City.
He reiterated his administration’s commitment to fairness, inclusivity and equal opportunities for all citizens irrespective of religion and tribe.
READ ALSO:ADC Penetrates Okpebholo’s District As Defections Strengthen Party in Edo Central
According to him, the present administration remains determined to building a government that reflects the diversity of Edo State, noting that competent and qualified Muslims have continued to play vital roles in his government because of their capacity, integrity and commitment to service.
“As a government, we remain committed to fairness, inclusivity and equal opportunity for every Edo citizen, irrespective of religion, ethnicity or political affiliation. This is why quality and competent Muslims are serving in key positions in our administration.”
Okpebholo appreciated the Muslim community in Edo State for their unwavering support and continuous prayers for his administration, noting that such prayers and support have contributed immensely to the peace and steady development being witnessed across the state.
READ ALSO:Okpebholo Felicitates Muslims On Eid-el-Fitr Celebration
He then called on all Nigerians to use the occasion of Eid-al-Adha to pray for the administration of President Bola Ahmed Tinubu, stressing that the country needs collective prayers, unity and cooperation to overcome its present economic and security challenges.
“I urge all Muslims and indeed all Nigerians to use this occasion to pray for our dear nation and for the administration of President Bola Ahmed Tinubu. Nigeria needs our collective prayers, unity and support as we strive to overcome our challenges and build a more prosperous future for all.”
In his remarks, the Chief Imam of Edo State, Abdulfatai Enabulele, applauded the governor for what he described as remarkable developmental strides recorded in less than two years in office.
The cleric commended the administration for ongoing infrastructural development and efforts geared towards improving governance in the state, but appealed to the government to revisit and complete some abandoned projects inherited from the previous administration for the benefit of the people.
Metro5 days agoMy Husband Abandoned Me On Our Wedding Night To Attend Political Meeting, I Want Our Marriage Dissolved
- Headline4 days ago
Woman Passes Out After Receiving 100 Strokes Of Cane
- Headline4 days ago
JUST IN: White House Locked Down Briefly As Gunman Opens Fire At Security Checkpoint
- Politics5 days ago
Warri Ijaw Hail INEC Delineation Report, Call For Additional Electoral Wards, Others
- Politics3 days ago
Two Masked Men Gun Down Politician In His Rivers State Hotel
- News5 days ago
Alleged Terrorism: Court Rejects Defendant’s Bid To Travel Abroad
- Metro5 days ago
My Wife Stop Cooking My Food, Beats Me Black And Blue All the Time, Man Tells Court
- News3 days ago
More Pain For Nigerians As Cooking Gas Price Increases Nationwide
- Politics5 days ago
What I’ll Do As President Of Nigeria — Amaechi
- Politics3 days ago
‘Tinubu’s Borrowing In 24 Months Surpasses 55 Years’ Debt Record’
