New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam

December 12, 2023 at 06:00AM A recent phishing campaign delivering the MrAnon Stealer malware via innocuous booking-themed PDFs targets Germany, capturing credentials, system info, browser sessions, and cryptocurrency extensions. Disguised as a hotel booking company, the malicious email prompts victims to download an “Adobe Flash update,” leading to the execution of harmful scripts. The malware …

Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns

December 7, 2023 at 10:28AM Star Blizzard, believed to be linked to Russia’s FSB, continues targeted spear-phishing attacks for intelligence gathering. They impersonate trusted contacts using researched information to deceive individuals and organizations in the UK and beyond. Numerous cyber security agencies warn of their expanded targeting since 2019, including the defense industry and energy …

Fancy Bear goes phishing in US, European high-value networks

December 5, 2023 at 07:22PM Fancy Bear, a Russian cyber-spy group, has been targeting US and European agencies using patched Outlook and WinRAR flaws for phishing campaigns. Microsoft and Polish Cyber Command observed unauthorized access to high-value email accounts. Over 10,000 emails were used to exploit the vulnerabilities. Proofpoint expects continued exploitation of unpatched systems …

WordPress Bug ‘Patch’ Installs Backdoor for Full Site Takeover

December 5, 2023 at 11:21AM Cybercriminals are circulating a bogus WordPress security email, claiming to resolve a fake RCE vulnerability with a “patch” that is actually a backdoor for site hijacking. No infections are reported yet, but users are urged not to install the offered plugin and to be wary of phishing attempts. Meeting Takeaways: …

In Other News: National Laboratory Breach, Airplane GPS Attacks, Russia Accuses Allies of Hacking

November 24, 2023 at 06:42AM This week’s cybersecurity roundup includes stories on cyberattacks targeting Russia, a cybersecurity firm COO admitting to hacking hospitals, a hacker breaching hotel networks and faking his own death, a data breach at Idaho National Laboratory, a large phishing campaign distributing malware, GPS attacks against commercial flights, Ukraine firing top cyber …

DarkGate and Pikabot malware emerge as Qakbot’s successors

November 21, 2023 at 10:56AM A sophisticated phishing campaign using DarkGate and PikaBot malware is posing a significant threat to organizations. The campaign began after the takedown of the Qakbot operation and is considered one of the most advanced since then. The attackers employ tactics similar to the previous Qakbot campaigns, indicating a shift to …

SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities

November 7, 2023 at 04:42AM The Pakistan-linked threat actor called SideCopy has been using a recent WinRAR security vulnerability to target Indian government entities. They are delivering remote access trojans such as AllaKore RAT, Ares RAT, and DRat. This campaign is multi-platform, targeting both Windows and Linux systems. SideCopy is suspected to be a sub-group …

Trojanized PyCharm Software Version Delivered via Google Search Ads

October 31, 2023 at 07:06AM A malvertising campaign has been discovered that exploits a compromised website to promote fake versions of PyCharm in Google search results. Users who clicked on the ad were directed to a hacked webpage that installed multiple pieces of malware. The campaign takes advantage of Dynamic Search Ads offered by Google, allowing threat …