Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads

December 3, 2024 at 12:51AM

A new malware campaign named Horns&Hooves targets users and businesses in Russia, infecting over 1,000 victims since March 2023. It delivers NetSupport RAT and BurnsRAT, utilizing deceptive email attachments to install additional malware. The threat is linked to group TA569, known for facilitating ransomware attacks and data theft. …

SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan

December 2, 2024 at 11:09PM

Taiwanese manufacturing, healthcare, and IT sectors are targeted by a campaign using SmokeLoader malware, which has advanced evasion techniques and modular capabilities. It primarily serves as a downloader but can execute attacks independently. The campaign starts with a phishing email exploiting old vulnerabilities to deploy SmokeLoader via Ande Loader. …

Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials

October 20, 2024 at 04:48AM

Unknown threat actors exploited a patched vulnerability in Roundcube webmail to execute phishing attacks aimed at stealing user credentials. Discovered by Positive Technologies, the attack involved sending a deceptive email containing JavaScript code, targeting specific government organizations. Roundcube has since resolved the issue, but the potential for significant damage remains. …

ESET partner breached to send data wipers to Israeli orgs

October 18, 2024 at 02:27PM

Hackers breached ESET’s Israeli partner, sending phishing emails to businesses that disguised data wipers as antivirus software. The emails, appearing legitimate, originated from the compromised eset.co.il domain. Malicious files included legitimate DLLs and a harmful Setup.exe. The attack aimed to disrupt, reflecting ongoing cybersecurity threats in Israel. …

Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign

October 18, 2024 at 07:00AM

Threat actors are using fake Google Meet pages in the ClickFix malware campaign to deliver infostealers for Windows and macOS. Users are tricked into executing malicious PowerShell commands through deceptive error messages. The campaign is linked to two groups, raising concerns about unknown cybercrime services facilitating these operations. …

Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack

October 16, 2024 at 03:48AM

A spear-phishing campaign in Brazil is delivering the Astaroth banking Trojan, targeting sectors like manufacturing and government. The malware is disguised as official tax documents to lure users. Recommendations to counter these threats include strong passwords, multi-factor authentication, and keeping security software updated. …

N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware

October 9, 2024 at 10:42AM

North Korean threat actors are targeting tech job seekers with malware through a campaign called “Contagious Interview.” The group poses as employers, enticing victims to download malicious applications like BeaverTail and InvisibleFerret, designed to steal sensitive data. This ongoing threat highlights financial motivations behind their cyber activities. …

U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown

October 4, 2024 at 10:18AM

Microsoft and the U.S. DoJ announced the seizure of 107 internet domains linked to Russian state-sponsored threat actors engaged in cybercrime. The threat actor, known as COLDRIVER and affiliated with the Russian Federal Security Service, targeted U.S. government, NGOs, and think tanks through spear-phishing campaigns. Microsoft also filed a civil …

Phishing Espionage Attack Targets US-Taiwan Defense Conference

September 18, 2024 at 09:02PM

A phishing attack targeted the upcoming US-Taiwan Defense Industry Conference, aiming to distribute fileless malware through a forged registration form. The event’s organizer, the US-Taiwan Business Council, promptly recognized and repelled the attack. This incident reflects a recurring threat to the conference, as well as the council’s proactive approach to …

New Cyberattack Targets Chinese-Speaking Businesses with Cobalt Strike Payloads

August 30, 2024 at 02:42AM

Chinese-speaking users are being targeted in a sophisticated cyber espionage campaign called SLOW#TEMPEST, using phishing emails to infect Windows systems with Cobalt Strike payloads. The attackers established persistence within systems, conducted reconnaissance, and set up remote access, allowing them to move laterally across networks undetected. The campaign appears to be …