APT-C-60 Exploits WPS Office Vulnerability to Deploy SpyGlace Backdoor

November 27, 2024 at 06:28AM APT-C-60, a South Korea-aligned cyber espionage group, targeted a Japanese organization in August 2024 using a job application phishing scheme to deploy the SpyGlace malware. The attack utilized services like Google Drive and Bitbucket, exploiting vulnerabilities in WPS Office, and involved sophisticated methods for executing and distributing the malware.

OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts

November 26, 2024 at 02:09PM Cyberattackers are targeting OpenSea NFT users with a phishing attack that mimics legitimate notifications to lure victims into connecting their cryptocurrency wallets to a fake page. Researchers caution that these schemes exploit entry-level collectors’ inexperience, urging vigilance to avoid financial loss through social engineering tactics and malicious links.

APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware

November 22, 2024 at 12:17PM The Mysterious Elephant threat actor, also known as APT-K-47, is using advanced malware called Asyncshell in recent attacks targeting Pakistani entities. Using Hajj-themed lures, the group employs phishing tactics to deliver malicious files. It has improved its methods and tools, showing a focus on evolving its malware since 2023.

Microsoft Takes Action Against Phishing-as-a-Service Platform

November 21, 2024 at 05:43PM Microsoft seized 240 domains linked to ONNX, a phishing-as-a-service platform targeting companies and individuals since 2017. ONNX was the leading player in adversary-in-the-middle (AitM) phishing, promoting phishing kits on Telegram. Microsoft’s legal action aims to disrupt ONNX’s operations, though other threat providers may emerge.

Scattered Spider Cybercrime Members Face Prison Time

November 21, 2024 at 01:56PM The Department of Justice has charged five members of the hacking group “Scattered Spider” with various crimes related to cyberattacks on companies like MGM Resorts and Caesar’s Palace. Allegations include phishing and stealing sensitive data, cryptocurrencies, and identity information. They face significant prison sentences if convicted.

Microsoft disrupts ONNX phishing-as-a-service infrastructure

November 21, 2024 at 12:08PM Microsoft and the Justice Department seized over 240 domains linked to ONNX, a phishing-as-a-service platform targeting thousands of victims globally since 2017. ONNX was the leading provider of phishing kits in 2024, enabling sophisticated attacks that bypassed security measures. Operations ceased after the owner’s identity was revealed.

Fake Bitwarden ads on Facebook push info-stealing Chrome extension

November 18, 2024 at 12:14PM Fake Bitwarden ads on Facebook promote a malicious Chrome extension that steals user data. This phishing campaign, identified by Bitdefender Labs, uses deceptive tactics to mimic the Chrome Web Store. Users are advised to ignore update prompts and only install extensions from trusted sources to avoid risks.

Fake Discount Sites Exploit Black Friday to Hijack Shopper Information

November 18, 2024 at 06:03AM A phishing campaign, attributed to a Chinese group named SilkSpecter, targets e-commerce shoppers in Europe and the U.S. ahead of Black Friday. Using fake sites mimicking brands, it aims to steal personal information and financial data through bogus discounts and SEO strategies. Victims may also face follow-up attacks.

Phishing emails increasingly use SVG attachments to evade detection

November 17, 2024 at 11:37AM Threat actors are increasingly using Scalable Vector Graphics (SVG) files for phishing and malware distribution due to their ability to evade detection. Unlike traditional image formats, SVGs use code to create images and can embed JavaScript, allowing attackers to hide malicious content. Users should treat unexpected SVG attachments as suspicious.

Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia

November 15, 2024 at 06:51AM A Vietnamese-speaking threat actor is using a new malware, PXA Stealer, to target government and educational institutions in Europe and Asia, stealing sensitive information, including credentials and financial data. The malware is delivered via phishing emails and is associated with a Telegram group selling compromised account credentials.