September 4, 2024 at 07:19AM The report “Why Account Takeover Attacks Still Succeed, and Why the Browser is Your Secret Weapon in Stopping Them” emphasizes the threat of account takeover attacks in SaaS environments and the role of the browser in neutralizing them. It highlights tactics used in account takeovers and recommends a browser security … Read more
September 3, 2024 at 06:48AM A new Android banking trojan named Rocinante targets mobile users in Brazil, capable of keylogging and stealing personal information from victims. The malware can masquerade as various banking apps and is linked to a threat actor known as DukeEugene. Symantec also highlighted a banking trojan campaign targeting Spanish and Portuguese-speaking … Read more
September 2, 2024 at 03:24AM FBI and CISA issued a joint advisory on new ransomware threats, describing a cybercriminal group and methods. The rapid growth in attacks calls for urgent adjustments in cyber defense strategies. Phishing-resistant MFA is crucial, with next-generation solutions and targeted deployments recommended. Organizations need to upgrade defense strategies to protect against … Read more
August 30, 2024 at 07:30AM Cybersecurity researchers have discovered a new network infrastructure set up by Iranian threat actors to support recent targeting of U.S. political campaigns, displaying a meticulously crafted system using dynamic DNS providers for phishing attacks. This comes amid increased Iranian cyber activity against the U.S., including ramped-up malicious cyber activities. After … Read more
August 29, 2024 at 07:48AM Attackers are increasingly using new phishing toolkits, like adversary-in-the-middle (AitM), which lets them bypass traditional prevention controls. AitM phishing uses dedicated tooling to act as a proxy between the target and a legitimate login portal for an application, enabling attackers to steal live sessions. AitM toolkits employ reverse web proxies … Read more
August 28, 2024 at 09:08AM Microsoft fixed flaws in Copilot that allowed attackers to steal users’ emails and personal data through a series of LLM-specific attacks, including prompt injection. Red teamer Johann Rehberger disclosed the exploit, prompting Microsoft to make changes for customer protection. The exploit used prompt injection, automatic tool invocation, and ASCII smuggling … Read more
August 26, 2024 at 12:54AM Researchers have discovered new Android malware, NGate, aimed at stealing contactless payment data from physical credit and debit cards to conduct fraudulent operations. Targeting banks in Czechia, the attack involves social engineering and SMS phishing to trick users. NGate prompts victims to enter sensitive financial details and instigates an NFC … Read more
August 21, 2024 at 07:33AM The Styx Stealer, a new information stealer, was found to have leaked data related to clients, profit information, nicknames, phone numbers, and email addresses due to an operational security lapse by the operator. It is advertised for $75 a month and linked to a Turkey-based threat actor. Check Point uncovered … Read more
August 21, 2024 at 02:27AM The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attacks with the objective to infect devices with malware, attributed to the threat cluster UAC-0020 (Vermin). The attacks involve phishing messages with photos of prisoners of war, leading to the installation of spyware SPECTR and new malware … Read more
August 20, 2024 at 02:22AM Cybersecurity researchers have reported ongoing attacks by Blind Eagle, an adaptable threat actor targeting entities and individuals in Latin American nations. The group employs spear-phishing tactics, geographical redirection, and process injection techniques to distribute trojans like AsyncRAT and NjRAT, enabling cyber espionage and financial credential theft campaigns. Kaspersky warns of … Read more