Watch Out for ‘Latrodectus’ – This Malware Could Be In Your Inbox

April 8, 2024 at 07:33AM Threat hunters discovered a new malware, Latrodectus, distributed through email phishing campaigns since late November 2023. It is associated with IcedID threat actors and has been primarily linked to two initial access brokers. The malware has sophisticated capabilities and is expected to be increasingly used by financially motivated threat actors. …

Mispadu Trojan Targets Europe, Thousands of Credentials Compromised

April 3, 2024 at 05:45AM The Mispadu banking trojan expands its targeting beyond Latin America to Italy, Poland, and Sweden. Despite this, Mexico remains the primary target, resulting in thousands of stolen credentials. The malware is distributed via spam emails and leverages a Windows SmartScreen security flaw. Additionally, malicious YouTube videos are being used to …

OWASP breach exposes decade of resumes due to misconfigured server

April 2, 2024 at 02:40PM A misconfigured MediaWiki web server led to a data breach at the Open Web Application Security Project (OWASP) Foundation. Resumes of members from 2006 to around 2014, consisting of personal details, were accessed. OWASP is advising caution as the breached data could be used for identity fraud and phishing attempts. …

Cybersecurity Threats Intensify in the Middle East During Ramadan

April 2, 2024 at 01:05AM Security teams in the region are bolstering their defenses in response to short-staffing and heightened DDoS, phishing, and ransomware attacks during the Muslim holy month. Based on the meeting notes, the key discussion points are related to how security teams in the region are enhancing their defenses to cope with …

New Darcula phishing service targets iPhone users via iMessage

March 27, 2024 at 06:14PM ‘Darcula’ is a sophisticated phishing-as-a-service (PhaaS) using 20,000 domains to target Android and iPhone users in over 100 countries. It employs modern techniques like RCS and iMessage to send phishing messages and offers over 200 templates. Cybercriminals are adapting to legislation by embracing alternative protocols but face challenges. Users …

Russian APT29 Hackers Caught Targeting German Political Parties

March 22, 2024 at 12:48PM Mandiant discovered Russia’s APT29 hacking group targeting German political parties, marking a potential shift from diplomatic targets. The group used phishing emails with a malware dropper and backdoor to infiltrate systems. Mandiant noted the group’s evolving tactics and previous high-profile attacks, cautioning about their adaptability and broad threat to Western …

It’s 2024 and North Korea’s Kimsuky gang is exploiting Windows Help files

March 21, 2024 at 01:39AM The Kimsuky cyber crime gang, also known as Black Banshee, Thallium and APT 43, is employing new tactics to conduct its operations, particularly targeting South Korea. Rapid7 suspects their approach involves distributing malicious files, including CHM, ISO, VHD, ZIP, and RAR, and utilizing innovative techniques to execute arbitrary commands and harvest …

Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks

March 19, 2024 at 06:48AM Threat actors are exploiting digital document publishing (DDP) sites like FlipSnack and Issuu for phishing attacks. These legitimate platforms allow the hosting of malicious documents, evading email security controls. The attackers create multiple accounts using free trial periods, and the DDP sites’ features make it challenging to detect and extract …

Hacker Conversations: Stephanie ‘Snow’ Carruthers, Chief People Hacker at IBM X-Force Red

March 18, 2024 at 09:15AM Social engineering is the manipulation of human thought processes and is a major aspect of hacking, though not directly involved in repurposing electronic systems. Social engineers manipulate the human subconscious for financial gain and require different skills than computer hackers. Stephanie Carruthers, Chief People Hacker at IBM Security, discusses her …

Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites

March 18, 2024 at 08:45AM A new malware campaign using bogus Google Sites and HTML smuggling to distribute the AZORult malware for information theft has been discovered by cybersecurity researchers. The campaign employs stealthy tactics to bypass security controls, with findings revealing similar techniques used in recent phishing campaigns to disseminate other malware like Agent …