Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks

March 25, 2024 at 04:39AM Iran-affiliated threat actor MuddyWater launches a new phishing campaign targeting Israeli entities. They aim to deliver a Remote Monitoring and Management solution called Atera through malicious links in emails and PDF attachments. Another Iranian group, Lord Nemesis, breaches a software services provider, leading to a software supply chain attack on …

Russia’s Cozy Bear caught phishing German politicos with phony dinner invites

March 23, 2024 at 03:58AM Russian cyberspies targeted German political parties using phishing emails disguised as dinner invitations. The emails contained a backdoor, WINELOADER, that aimed to infect targets’ PCs for long-term access to networks and data. The espionage group, linked to the Russian Foreign Intelligence Service, has expanded its targets, techniques, and even lurked …

New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT

March 19, 2024 at 02:15AM A new phishing campaign dubbed Operation PhantomBlu is using a sophisticated technique to deploy NetSupport RAT, targeting U.S. organizations with salary-themed phishing emails and exploiting Microsoft Office document templates. Additionally, threat actors are increasingly abusing public cloud services and data-hosting platforms to generate undetectable phishing URLs, sold on underground platforms. …

Watch Out for Spoofed Zoom, Skype, Google Meet Sites Delivering Malware

March 7, 2024 at 01:33AM Threat actors are using fake websites promoting popular video conferencing apps like Google Meet, Skype, and Zoom to distribute malware targeting Android and Windows users. The attackers are using typosquatting tricks to deceive users into downloading Remote Access Trojans. Additionally, a new malware called WogRAT is targeting Windows and Linux …

Russian Cyberattackers Launch Multi-Phase PsyOps Campaign

February 22, 2024 at 02:49PM Russian-linked threat actors carried out Operation Texonto, a multi-wave campaign targeting Ukraine. The operation involved PsyOps and spear-phishing to spread misinformation and steal Microsoft 365 credentials across Europe. It ran in two waves from October to December 2023. The tactics employed aimed to influence Ukrainian citizens and featured fake Microsoft login pages …

Iran and Hezbollah Hackers Launch Attacks to Influence Israel-Hamas Narrative

February 20, 2024 at 01:27AM Iran and Hezbollah-backed hackers launched cyber attacks to undermine support for the Israel-Hamas war in October 2023, including destructive attacks, hack-and-leak operations, phishing campaigns, and information operations. The attacks were executed independently of physical actions, with groups like GREATRIFT and Charming Kitten targeting Israel, and Hamas-linked actors targeting Israeli engineers. …

Bumblebee Malware Returns with New Tricks, Targeting U.S. Businesses

February 14, 2024 at 07:15AM Infamous malware loader Bumblebee resurfaces in a new phishing campaign targeting organizations in the U.S. Proofpoint warned about voicemail-themed lures leading to Word files with VBA macros that launch PowerShell commands to execute Bumblebee. The attack chain relies on macro-enabled documents, coinciding with the reappearance of new variants of QakBot, ZLoader, and …

PikaBot Resurfaces with Streamlined Code and Deceptive Tactics

February 13, 2024 at 09:39AM The PikaBot malware has evolved with significant changes, simplifying its code and network communications, making it more accessible for threat actors. With ongoing development, it remains a significant cyber threat. Additionally, a cloud account takeover campaign targeting Microsoft Azure environments has compromised hundreds of user accounts. Source: Newsroom Cyber Threat/Malware. …

Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond

February 13, 2024 at 09:25AM A phishing campaign targeting senior business executives and other high-level roles has seen a spike in compromised accounts, including hundreds of cloud account takeovers and numerous Azure environments affected. The attackers aim to gain access to privileged accounts, steal sensitive data, and manipulate multi-factor authentication methods. Researchers advise vigilance and …

Ongoing Microsoft Azure account hijacking campaign targets executives

February 12, 2024 at 02:17PM A recent phishing campaign targeting Microsoft Azure has compromised hundreds of user accounts, including those of senior executives. The hackers aim to access confidential information and launch more attacks within the breached organization. Proofpoint has issued an alert with details of the attacks and defense measures, including monitoring user-agent strings …