Recent Security News
-
Fake Copyright Infringement Emails Spread Rhadamanthys
November 6, 2024 at 05:56PM Check Point Research has tracked a spear-phishing campaign, “CopyR(ight)hadamantys,” targeting hundreds of companies globally with emails claiming copyright infringement. The emails deliver the sophisticated infostealer Rhadamanthys, capable of stealing sensitive data. Attackers use automation to send these messages, often impersonating known brands in technology and entertainment industries. ### Key Takeaways…
-
Chinese Gamers Targeted in Winos4.0 Framework Scam
November 6, 2024 at 05:27PM Researchers have identified Winos 4.0, a malicious framework spread through gaming utility tools. Rebuilt from Gh0strat, it enables complex attack campaigns targeting Chinese-speaking users via SEO and social media. The malware executes via a fake BMP file, emphasizing the need for users to download software only from trusted sources. ###…
-
Cybercrooks are targeting Bengal cat lovers in Australia for some reason
November 6, 2024 at 04:51PM Sophos reports that the Gootloader malware, known for SEO poisoning tactics, targets niche victims, including Australian Bengal cat enthusiasts. As an infostealer or malware dropper, it exploits search queries to deliver malicious payloads. The use of malvertising is rising, connecting cybercrime to ransomware operations, prompting action from cybersecurity agencies. ###…
-
German Law Could Protect Researchers Reporting Vulns
November 6, 2024 at 04:36PM Germany’s draft legislation aims to protect security researchers from criminal liability when reporting cyber vulnerabilities. It amends existing laws to define criteria for legitimate security research and proposes penalties for malicious acts, with the intent to encourage reporting flaws rather than punishing those who identify them. ### Meeting Takeaways: 1.…
-
Hackers increasingly use Winos4.0 post-exploitation kit in attacks
November 6, 2024 at 04:28PM Hackers are increasingly using the Winos4.0 framework to target Windows users, especially in China, through game-related apps. The malware executes a multi-step infection process, collects system data, and can evade security tools. Fortinet and Trend Micro have noted its potent capabilities, indicating a rise in malicious campaigns. ### Meeting Takeaways…