TA547 Uses an LLM-Generated Dropper to Infect German Orgs

April 10, 2024 at 03:12PM Proofpoint researchers observed a malicious campaign targeting multiple organizations in Germany, featuring an AI-generated malware dropper. While this development may signal future threats, it’s reassuring that defenses against malware remain consistent, and human expertise still outpaces AI in writing malicious code. The use of AI in cyberattacks presents more of …

10-Year-Old ‘RUBYCARP’ Romanian Hacker Group Surfaces with Botnet

April 9, 2024 at 10:45AM RUBYCARP, a suspected Romanian threat group, has been running a botnet for over 10 years, using it for crypto mining, DDoS, and phishing. The group utilizes various public exploits and brute-force attacks, communicates through IRC networks, and employs a malware called ShellBot. Their activities include exploiting security flaws, creating a …

Hackers Targeting Human Rights Activists in Morocco and Western Sahara

April 9, 2024 at 10:45AM Human rights activists in Morocco and the Western Sahara are being targeted by a new threat actor called Starry Addax. They are using phishing attacks to trick victims into installing fake Android apps and harvesting credentials from Windows users. The actor has been active since January 2024 and is using …

UK businesses shockingly unaware of how to handle security threats

April 9, 2024 at 08:52AM UK businesses’ response to security breaches has “astounded” experts following the release of the 2024 cybercrime stats. The report reveals only 22% have a formal incident response plan, with low reporting rates to authorities. Small businesses drive down figures, showing lack of awareness and seeking outside cybersecurity expertise. Breaches cost …

Home Depot Hammered by Supply Chain Data Breach

April 8, 2024 at 05:16PM Home Depot confirmed employee data compromise via a third-party software vendor, with a “small sample” of employees’ names, corporate IDs, and email addresses exposed. The incident underlines the importance of choosing SaaS vendors with robust cybersecurity measures. Experts recommend testing vendors’ workflows with non-production data and conducting regular security best …

Home Depot confirms third-party data breach exposed employee info

April 7, 2024 at 01:43PM Home Depot confirmed a data breach caused by a third-party SaaS vendor’s mistake, exposing limited employee data potentially used for phishing attacks. The data leak affects about 10,000 employees, potentially leading to targeted phishing efforts. IntelBroker, a known threat actor, leaked the data on a hacking forum. Home Depot advises …

INC Ransom claims to be behind ‘cyber incident’ at UK city council

April 2, 2024 at 07:22AM The cyber skids at INC Ransom claim responsibility for a cybersecurity incident at Leicester City Council, mentioning the theft of 3 TB of data. INC Ransom used “flashing” tactics to pressure the council. While recovery efforts are ongoing, many online services are back, but the council remains silent on data …

Darcula Phishing Network Leveraging RCS and iMessage to Evade Detection

March 28, 2024 at 11:39AM Summary: The Darcula phishing-as-a-service (PhaaS) platform utilizes over 20,000 counterfeit domains to target organizations globally. By leveraging iMessage and RCS protocols, it bypasses SMS firewalls, targeting entities in 100+ countries. Offering support for 200+ templates, it facilitates various phishing attacks, including smishing tactics, with an ability to update features and …

Saudi Arabia, UAE Top List of APT-Targeted Nations in the Middle East

March 28, 2024 at 02:02AM The government, manufacturing, and energy sectors are prime targets for advanced persistent threat actors, who commonly use phishing attacks and remote exploits as their main methods. The most common …

‘Tycoon’ Malware Kit Bypasses Microsoft, Google MFA

March 27, 2024 at 01:01PM Threat actors are increasingly using the inexpensive and rapidly expanding phishing-as-a-service (PhaaS) platform, available for purchase through Telegram. This insight highlights the …