Browsing tag: phishing

UAC-0099 Using WinRAR Exploit to Target Ukrainian Firms with LONEPAGE Malware

The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called LONEPAGE. “The threat actor targets Ukrainian employees working for companies outside of Ukraine,” cybersecurity firm Deep Instinct said in a Thursday analysis. UAC-0099 […]

New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia

Cybersecurity researchers have disclosed a new sophisticated Android malware called FjordPhantom that has been observed targeting users in Southeast Asian countries like Indonesia, Thailand, and Vietnam since early September 2023. “Spreading primarily through messaging services, it combines app-based malware with social engineering to defraud banking customers,” Oslo-based mobile app security firm Promon said in an […]

NetSupport RAT Infections on the Rise – Targeting Government and Business Sectors

Threat actors are targeting the education, government and business services sectors with a remote access trojan called NetSupport RAT. “The delivery mechanisms for the NetSupport RAT encompass fraudulent updates, drive-by downloads, utilization of malware loaders (such as GHOSTPULSE), and various forms of phishing campaigns,” VMware Carbon Black researchers said in a report shared with The […]

Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw

A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat (APT). Cybersecurity company NSFOCUS has described DarkCasino as an “economically motivated” actor that first came to light in 2021. “DarkCasino is an APT threat actor with strong […]

Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar

The open-source remote access trojan known as Quasar RAT has been observed leveraging DLL side-loading to fly under the radar and stealthily siphon data from compromised Windows hosts. “This technique capitalizes on the inherent trust these files command within the Windows environment,” Uptycs researchers Tejaswini Sandapolla and Karthickkumar Kathiresan said in a report published last […]

Iranian Company Cloudzy Accused of Aiding Cybercriminals and Nation-State Hackers

Services offered by an obscure Iranian company known as Cloudzy are being leveraged by multiple threat actors, including cybercrime groups and nation-state crews. “Although Cloudzy is incorporated in the United States, it almost certainly operates out of Tehran, Iran – in possible violation of U.S. sanctions – under the direction of someone going by the […]

Phishing-as-a-Service Platform Lets Anyone Launch Own Phishing Campaigns

With the release of the PhaaS platform called ‘Caffeine’, threat actors can now easily launch their own sophisticated phishing attacks. Anyone who wants to start their own phishing campaign will be able to register on this platform through an open registration process. Caffeine has been thoroughly tested by the analysts at Mandiant. This is a […]

Hackers Use Open Redirect Vulnerabilities in Online Services to Deliver Phishing Content

Researchers at Resecurity noticed threat actors leveraging Open Redirect Vulnerabilities, which are popular in online services and apps, to evade spam filters and deliver phishing content. Trusted service domains like Snapchat and other online services make special URLs that lead to malicious resources with phishing kits. The kit identified is named ‘LogoKit’ that was earlier […]

Multiple Hacker Groups Capitalizing on Ukraine Conflict for Distributing Malware

At least three different advanced persistent threat (APT) groups from across the world have launched spear-phishing campaigns in mid-March 2022 using the ongoing Russo-Ukrainian war as a lure to distribute malware and steal sensitive information. The campaigns, undertaken by El Machete, Lyceum, and SideWinder, have targeted a variety of sectors, including energy, financial, and governmental […]

9-year-old Windows flaw abused to drop ZLoader malware in 111 countries

The vulnerability was identified and fixed in 2013, but in 2014 Microsoft revised the fix, allowing Malsmoke hackers in 2022 to spread ZLoader malware. Israel-based cybersecurity firm Check Point Research has been assessing a sophisticated infection chain since Nov 2021. Researchers have now published their report, stating that a new ZLoader malware campaign is underway […]

Attackers bypass Microsoft security patch to drop Formbook malware

The patch was issued for CVE-2021-40444 to prevent the execution of code that downloaded the Microsoft Cabinet (CAB) archive containing a malicious executable. Sophos Labs researchers have shared their findings on how attackers used a novel exploit to bypass a patch for a crucial vulnerability impacting the Microsoft Office file format. Researchers revealed that the […]

Spider-Man: No Way Home exploited to push phishing and malware scams

Scammers are exploiting the release of the Spider-Man: No Way Home movie to steal credit card and banking data and to harvest login credentials of unsuspecting users, Kaspersky has warned. Since the dawn of the COVID-19 era, online streaming of films has increased significantly. This has provided scammers with an exclusive new opportunity to exploit the […]

“Get Your Free Omicron PCR test” is the latest Omicron phishing scam

The latest Omicron phishing scam is currently targeting unsuspecting users in the United Kingdom and uses fake NHS emails to do so. Omicron is the new variant of COVID-19 that has stirred anxiety worldwide, and scammers are eager to exploit this new opportunity to trap innocent users and steal data. According to consumer watchdog group […]

Unpatched Microsoft Exchange Servers abused in new phishing campaign

The noteworthy aspect of this phishing campaign is that the emails were sent as replies to previously sent messages, which made them appear legitimate. According to the IT security researchers at Certitude, a Vienna-based consulting firm specializing in communication technology risks and information management, threat actors are exploiting unpatched Microsoft Exchange Servers to send […]

Microsoft MSHTML flaw exploited in Gmail and Instagram phishing scam

The attacks, in which threat actors exploited a Microsoft MSHTML vulnerability to target overseas Iranians, started in July 2021. SafeBreach Labs researchers discovered a new Iranian threat actor trying to steal Instagram and Google (Gmail) login credentials of Farsi-speakers globally. The threat actor is using a new PowerShell-based stealer dubbed PowerShortShell by SafeBreach Labs. The attacks […]

Stripchat database mess up exposes 200M adult cam models, users’ data

The database was left exposed on an Elasticsearch Cluster without any password or security authentication. StripChat is one of the top five adult cam sites on the internet. Earlier this month, this site suffered a database mess up that leaked sensitive data, including payment details and chat messages of roughly 200 million of the site’s […]

Google details cookie stealer malware campaign targeting YouTubers

Google attributed the malware campaign to a group of attackers recruited via a Russian-language hacker forum. Google has disclosed details of a new campaign involving phishing attacks launched against YouTube channel owners with the sole purpose of hijacking their channels. According to the report, threat actors are using cookie theft malware in the attacks to […]

Best performing cybersecurity companies and their recent developments

Cybersecurity companies are the backbone of the fight against cybercrime – Let’s dig deeper into which cybersecurity company is doing what and how. Cybersecurity companies play a crucial role in protecting businesses from cybercriminals. Cybersecurity firms have a set of methods that can be utilized for protecting software, data, network, and other devices which are connected to […]

TA544 threat actors hit Italian firms with Ursnif banking trojan

The IT security researchers at Proofpoint have discovered a new malware campaign in which threat actors from a group called TA544 are targeting organizations in Italy with the Ursnif banking trojan. Ursnif (also known as Gozi) has a history of targeting Italian organizations over the past year. The malware is capable of stealing banking information from […]

Hackers hit Russian ministry, rocket center using MSHTML vulnerability

A Microsoft Office zero-day, also dubbed the MSHTML attack, was exploited to target the Russian government, including the Interior Ministry and State Rocket Center. The Malwarebytes Intelligence team reports that the MSHTML vulnerability classified as CVE-2021-40444 has become the focus of threat actors targeting Russian government entities. Malwarebytes researchers intercepted phishing email attachments revealing that attackers were trying to target Russian organizations. The […]