New Mamba 2FA bypass service targets Microsoft 365 accounts

October 8, 2024 at 04:32PM The Mamba 2FA platform is an emerging phishing-as-a-service (PhaaS) tool, targeting Microsoft 365 accounts through AiTM attacks. It offers a competitive price of $250/month and has evolved to enhance stealthiness and longevity. It specifically targets Microsoft 365 users and offers phishing templates for various services. This platform poses a significant …

Microsoft, DOJ Dismantle Russian Hacker Group Star Blizzard

October 4, 2024 at 03:49PM The US Department of Justice and Microsoft collaborated to take down over 100 domains linked to the Russian hacker group Star Blizzard, known for targeting journalists, non-governmental organizations, and Russia experts. This action aims to disrupt their cyber activities and protect against potential election interference. However, experts anticipate continued threats …

Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials

October 1, 2024 at 03:45AM Over 140,000 phishing websites linked to Sniper Dz, a phishing-as-a-service platform, have been discovered. It offers free services, drawing in cybercriminals, while also collecting stolen credentials. Aspiring threat actors can easily mount phishing attacks through PhaaS platforms, such as Sniper Dz. The platform operates openly and has been observed targeting …

MDR in Action: Preventing The More_eggs Backdoor From Hatching

September 30, 2024 at 11:11AM A recruitment officer fell for a sophisticated spear-phishing lure by downloading a malicious file disguised as a resume, resulting in a more_eggs backdoor infection. The Trend Micro MDR team utilized the Vision One platform to contain the infection and automate threat detection in a campaign associated with the more_eggs malware. …

AI-Generated Malware Found in the Wild

September 24, 2024 at 01:07PM HP identified a new email campaign distributing AI-generated malware. The malware involves an encrypted HTML attachment and employs uncommon techniques, indicating potential use of generative AI. Researchers found the malware payload to be basic, raising concerns that novice attackers are leveraging AI. This development signals the increasing threat of AI-generated …

From Breach to Recovery: Designing an Identity-Focused Incident Response Playbook

September 16, 2024 at 08:21AM The text discusses the growing threat of identity-based cyber attacks and the need for organizations to adapt their incident response plans accordingly. It highlights the importance of an identity-focused playbook in detecting, containing, and recovering from identity breaches. The accompanying webinar promises to provide strategies for IT security professionals, incident …

Cyberattackers Spoof Palo Alto VPNs to Spread WikiLoader Variant

September 3, 2024 at 02:43PM Cybercriminals are posing as sellers of GlobalProtect VPN software from Palo Alto Networks and spreading a new variant of WikiLoader malware through SEO poisoning. The malware, known as WailingCrab, is traditionally spread through phishing and compromised websites. This campaign, discovered by Palo Alto’s Unit 42 team, has targeted US higher …

New Malware Masquerades as Palo Alto VPN Targeting Middle East Users

August 30, 2024 at 06:48AM Cybersecurity researchers have uncovered a new malware campaign targeting users in the Middle East by posing as Palo Alto Networks GlobalProtect VPN tool. The malware can execute remote PowerShell commands, exfiltrate files, and bypass sandbox solutions, representing a significant threat. It employs evasion techniques and sets up connections to a …

Oregon Zoo warns visitors their credit card details were stolen

August 20, 2024 at 01:41PM Oregon Zoo states that customers who purchased tickets online between December 2023 and June 2024 had their payment card information compromised due to a phishing incident. Personal information, including full names, payment card numbers, CVVs, and expiration dates, was exposed. The zoo is notifying 117,815 individuals and offering credit monitoring …

Google raps Iran’s APT42 for raining down spear-phishing attacks

August 15, 2024 at 12:30PM Google confirmed Iranian cyber influence activity targeting US political figures, including Trump, Biden, and Harris, with phishing tactics and social engineering. APT42, part of the Iranian Revolutionary Guard Corps, used “Cluster C” phishing activity and Bitly links to target officials. Similar attacks were observed on Israeli officials, themed around the …