January 11, 2024 at 09:00AM The article highlights the growing threat of phishing-driven ransomware, with the rise of Generative Artificial Intelligence (GenAI) making it more difficult to detect and defend against phishing attacks. To counter this, companies are advised to upgrade to next-generation multi-factor authentication (MFA) solutions, such as Token Ring, to protect against sophisticated … Read more
January 7, 2024 at 03:37PM LoanDepot, a leading nonbank mortgage lender in the USA, has been hit by a cyberattack, causing system outages and impacting customer payments and services. The company is actively addressing the incident and advising customers to use its call center for payment assistance. Concerns about data theft and phishing attacks have … Read more
January 7, 2024 at 03:37PM An ongoing campaign has been distributing the AsyncRAT malware for the past 11 months, utilizing various loader samples and domains. AsyncRAT, a Windows remote access tool, facilitates unauthorized access, data theft, and malware deployment. The attacks target specific individuals and companies, employing sophisticated techniques to avoid detection. Researchers provide detection … Read more
January 5, 2024 at 01:27AM A new variant of the Bandook trojan is being spread through phishing attacks, targeting Windows machines. The malware is distributed via a PDF file embedding a link to a password-protected .7z archive. After extraction, the malware injects its payload into msinfo32.exe. This off-the-shelf malware can remotely control infected systems and … Read more
January 4, 2024 at 04:06AM The UAC-0050 threat actor is using phishing attacks to distribute the Remcos RAT, employing new tactics to avoid detection by security software. Uptycs researchers highlight the group’s use of a pipe method for interprocess communication, demonstrating advanced adaptability. The group has a history of targeting Ukrainian and Polish entities through … Read more
January 3, 2024 at 06:18AM A new exploitation technique called SMTP smuggling allows threat actors to send malicious emails with fake sender addresses, bypassing security measures. The method exploits vulnerabilities in messaging servers from Microsoft, GMX, and Cisco, impacting SMTP implementations from Postfix and Sendmail. Cisco users are advised to change settings to avoid receiving … Read more
December 30, 2023 at 04:42AM Cybersecurity researchers are cautioning about a surge in phishing attacks targeting cryptocurrency wallets, utilizing a technique to drain multiple blockchain networks. Notably, a group called Angel Drainer offers a “scam-as-a-service” for a percentage of stolen assets. To combat this, users are advised to use hardware wallets, verify smart contracts, and … Read more
December 28, 2023 at 01:08PM Risk and financial advisory company Kroll has revealed details about the August data breach, exposing personal info of FTX bankruptcy claimants, including coin holdings. Kroll cautioned affected individuals about potential phishing attacks and recommended security measures, such as not sharing personal info and storing crypto in cold wallets. The breach … Read more
December 21, 2023 at 10:44AM BidenCash, a stolen credit card marketplace, is offering 1.9 million credit cards for free to gain popularity among cybercriminals. The platform has gained notoriety by occasionally releasing free dumps, but previous data has been found to contain duplicates and expired cards. Users of leaked valid cards are at risk of … Read more
December 21, 2023 at 10:02AM AI’s increasing influence on cybersecurity is evident from a surge in cyberattacks, with AI tools being used for automated phishing, impersonation, social engineering, and fake customer support chatbots. On the brighter side, the industry is leveraging AI to develop security measures, including creating “good AI,” anomaly detection, and utilizing AI … Read more