Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft

December 22, 2023 at 12:42PM
A rogue WordPress plugin discovered by threat hunters poses a Magecart campaign threat, creating bogus admin users and injecting malicious code to steal credit card data. The plugin hides in the mu-plugins directory and enables sustained access to the target. This revelation comes amid growing concerns about digital skimming and …

Operation RusticWeb: Rust-Based Malware Targets Indian Government Entities

December 22, 2023 at 08:48AM
Indian government entities and the defense sector are targeted by a phishing campaign dubbed Operation RusticWeb, dropping Rust-based malware for intelligence gathering. The attack involves Rust-based payloads, PowerShell commands, and trojans like AllaKore RAT, Ares RAT, and DRat. The group behind the campaign is linked to Pakistan and uses advanced …

Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware

December 22, 2023 at 08:00AM
A recent phishing campaign employs decoy Microsoft Word documents to distribute Nim-based malware. The backdoor lures victims to enable macros, then establishes a connection with a remote server disguised as a Nepali government entity. This comes amidst increased distribution of various malware strains and social engineering campaigns leveraging new tactics. …

New phishing attack steals your Instagram backup codes to bypass 2FA

December 20, 2023 at 02:35PM
A new phishing campaign targeting Instagram users involves fake ‘copyright infringement’ emails enticing recipients to input account details and backup codes on phishing pages. The elaborate scheme masquerades as Meta’s portal and requests sensitive information. Despite signs of fraud, the convincing approach poses a serious threat to unsuspecting victims. Users …

Pro-Hamas Cyberattackers Aim ‘Pierogi’ Malware at Multiple Mideast Targets

December 15, 2023 at 01:58PM
The Gaza Cybergang, a pro-Hamas group, is using a new variant of the Pierogi++ backdoor malware to launch attacks on Palestinian and Israeli targets. The backdoor, written in C++, has been distributed through phishing attacks and social media engagements, with consistent targeting of Palestinian entities reported by Sentinel Labs …

New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam

December 12, 2023 at 06:00AM
A recent phishing campaign delivering the MrAnon Stealer malware via innocuous booking-themed PDFs targets Germany, capturing credentials, system info, browser sessions, and cryptocurrency extensions. Disguised as a hotel booking company, the malicious email prompts victims to download an “Adobe Flash update,” leading to the execution of harmful scripts. The malware …

Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns

December 7, 2023 at 10:28AM
Star Blizzard, believed to be linked to Russia’s FSB, continues targeted spear-phishing attacks for intelligence gathering. They impersonate trusted contacts using researched information to deceive individuals and organizations in the UK and beyond. Numerous cyber security agencies warn of their expanded targeting since 2019, including the defense industry and energy …

Fancy Bear goes phishing in US, European high-value networks

December 5, 2023 at 07:22PM
Fancy Bear, a Russian cyber-spy group, has been targeting US and European agencies using patched Outlook and WinRAR flaws for phishing campaigns. Microsoft and Polish Cyber Command observed unauthorized access to high-value email accounts. Over 10,000 emails were used to exploit the vulnerabilities. Proofpoint expects continued exploitation of unpatched systems …

WordPress Bug ‘Patch’ Installs Backdoor for Full Site Takeover

December 5, 2023 at 11:21AM
Cybercriminals are circulating a bogus WordPress security email, claiming to resolve a fake RCE vulnerability with a “patch” that is actually a backdoor for site hijacking. No infections are reported yet, but users are urged not to install the offered plugin and to be wary of phishing attempts. …

In Other News: National Laboratory Breach, Airplane GPS Attacks, Russia Accuses Allies of Hacking

November 24, 2023 at 06:42AM
This week’s cybersecurity roundup includes stories on cyberattacks targeting Russia, a cybersecurity firm COO admitting to hacking hospitals, a hacker breaching hotel networks and faking his own death, a data breach at Idaho National Laboratory, a large phishing campaign distributing malware, GPS attacks against commercial flights, Ukraine firing top cyber …