October 25, 2023 at 11:41AM Winter Vivern, a low-profile threat group, has been exploiting a zero-day flaw in Roundcube Webmail servers to target governmental organizations and a think tank in Europe. The group sends a specially crafted email that loads an arbitrary JavaScript code, exploiting a newly discovered cross-site scripting flaw. Roundcube has released security … Read more
October 25, 2023 at 09:45AM The Winter Vivern threat actor has been using a zero-day vulnerability in Roundcube webmail software to access victim’s email accounts. Winter Vivern has previously targeted Ukraine, Poland, and government entities in Europe and India. The newly discovered vulnerability, CVE-2023-5631, allows for the injection of arbitrary JavaScript code. Attackers employ a … Read more
October 20, 2023 at 05:57AM ExelaStealer, a new information stealer, has emerged in the crowded world of off-the-shelf malware. It is an open-source infostealer with customizable features, capable of stealing various types of sensitive data from compromised Windows systems. ExelaStealer is sold on cybercrime forums and a dedicated Telegram channel for as low as $20 … Read more
October 16, 2023 at 10:03AM Russian hacking groups have been exploiting a security vulnerability in the WinRAR archiving utility to launch a phishing campaign. The attack involves malicious archive files that exploit the vulnerability, allowing the attacker to gain remote access to compromised systems. The campaign also steals data from Google Chrome and Microsoft Edge … Read more
October 13, 2023 at 07:06AM DarkGate, a piece of malware, is being spread through instant messaging platforms like Skype and Microsoft Teams. The malware is delivered disguised as a PDF document and triggers the download and execution of an AutoIt script that launches the malware. The malware can harvest sensitive data, conduct cryptocurrency mining, and … Read more
October 12, 2023 at 04:59PM A threat actor is using compromised Skype and Microsoft Teams accounts to distribute DarkGate, a malware associated with information theft, keylogging, cryptocurrency mining, and ransomware. The campaign targets organizations in the Americas, and the developer of DarkGate is advertising it on underground forums and leasing it out as a service … Read more
October 12, 2023 at 10:38AM The private sector’s utility, telecom, banking, transportation, and medical networks are facing unprecedented threats from state actors, particularly from China. The Director of National Intelligence warns that China is capable of launching cyberattacks that could disrupt critical infrastructure services within the United States. To protect their networks, organizations should cultivate … Read more
October 12, 2023 at 08:59AM Shadow PC, a cloud gaming service, has notified customers of a data breach resulting from a social engineering attack on an employee. An info-stealer malware was used to steal customer data, including names, email addresses, dates of birth, billing addresses, and credit card expiration dates. Shadow has revoked the stolen … Read more
October 10, 2023 at 10:06AM Many cybercriminals still rely on non-sophisticated attacks because they are effective. These include phishing attacks and credential harvesting, often obtained through social engineering. Automation and AI are increasingly being used by bad actors to conduct attacks more efficiently. To defend against these attacks, organizations need to bolster human defenses through … Read more