Malware locks browser in kiosk mode to steal Google credentials

September 15, 2024 at 02:18PM A new malware campaign locks users in their browser’s kiosk mode to prompt them for Google credentials, which are then stolen by information-stealing malware. This uncommon method serves to frustrate and deceive users into entering sensitive information. Based on the meeting notes, it appears that a malware campaign has been …

Facebook ads for Windows desktop themes push info-stealing malware

July 15, 2024 at 10:16AM Cybercriminals are using Facebook business pages and ads to promote fake Windows themes, pirated games, and software, infecting users with the SYS01 malware. They exploit hijacked or newly-created pages to reach users, stealing personal information and Facebook cookies. The malware targets browsers, cryptocurrency wallets, and Facebook account data, posing a …

Fake IT support sites push malicious PowerShell scripts as Windows fixes

June 30, 2024 at 10:35AM Fake IT support sites are promoting malicious PowerShell “fixes” to infect devices with information-stealing malware, targeting common Windows errors like the 0x80070643 error. Threat actors are creating fake videos and sites, with YouTube channels being hijacked to add legitimacy. Users should be cautious and seek fixes from trusted sources to …

Google: Malware abusing API is standard token theft, not an API issue

January 6, 2024 at 11:46AM Malware is exploiting an undocumented Google Chrome API to generate new authentication cookies from stolen ones. Multiple malware operations are using this technique to gain access to users’ Google accounts through the API, and Google has downplayed the severity of the issue. The company urges affected users to take precautionary …

SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities

November 7, 2023 at 04:42AM The Pakistan-linked threat actor called SideCopy has been using a recent WinRAR security vulnerability to target Indian government entities. They are delivering remote access trojans such as AllaKore RAT, Ares RAT, and DRat. This campaign is multi-platform, targeting both Windows and Linux systems. SideCopy is suspected to be a sub-group …