Sophisticated RAT Hides Behind P.Diddy Scandal Lures

September 25, 2024 at 12:50PM Threat actors are exploiting public interest in a scandal involving rapper Sean “Diddy” Combs to spread spyware through files claiming to reveal deleted social media posts. Researchers have found PySilon RAT disguised as “PdiddySploit,” posing serious security threats. Attackers are leveraging the scandal to spread malware, urging caution when interacting …

Packed With Features, ‘SambaSpy’ RAT Delivers Hefty Punch

September 18, 2024 at 05:00PM SambaSpy, a remote access Trojan (RAT), is a sophisticated tool with various spying and data-stealing functions, initially targeting Italian victims and potentially expanding to other countries. The malware’s capabilities include file management, remote control, password stealing, and more, making it a versatile and powerful tool for threat actors. It is …

Two Nigerians Sentenced to Prison in US for BEC Fraud

September 5, 2024 at 07:12AM Two Nigerian nationals, Ebuka Raphael Umeti, 35, and Franklin Ifeanyichukwu Okwonna, 34, were sentenced in the US for running a business email compromise (BEC) scheme. Umeti received a 10-year prison term, while Okwonna got five years and three months. They were ordered to pay roughly $5 million in restitution for …

Novel attack on Windows spotted in phishing campaign run from and targeting China

September 1, 2024 at 11:13PM Unknown attackers have utilized Tencent’s cloud for a phishing campaign targeting Chinese entities, as uncovered by Securonix. The campaign involves delivering Cobalt Strike payloads through phishing emails, establishing persistence and remaining undetected within systems. The attack methodically targets specific Chinese business or government sectors, using advanced exploitation frameworks such as …

Fake CrowdStrike fixes target companies with malware, data wipers

July 21, 2024 at 07:35PM Threat actors are exploiting the CrowdStrike glitch by targeting companies with data wipers and remote access tools. CrowdStrike is actively assisting affected customers and warns about phishing attempts. Malware campaigns impersonate CrowdStrike to distribute RATs and wipers. The faulty update affected 8.5 million Windows devices, leading to widespread disruption. CrowdStrike …

That PowerShell ‘fix’ for your root cert ‘problem’ is a malware loader in disguise

June 19, 2024 at 03:35AM Criminals are using social engineering techniques to target organizations worldwide with malicious PowerShell scripts disguised as fake error messages from Google Chrome, Microsoft Word, and OneDrive. Proofpoint identified at least two criminal groups using this tactic, with the possibility of spreading ransomware. Organizations are advised to train employees to recognize …

Nigerian Faces Prison in US After BEC Fraud Conviction

June 17, 2024 at 10:14AM Nigerian national Ebuka Raphael Umeti, 35, faces up to 27 years in federal prison after being convicted in the US for operating a business email compromise (BEC) scheme. He and his co-conspirators caused or intended to cause losses of more than $1.5 million to their victims. Co-defendant Franklin Ifeanyichukwu Okwonna, …

WarmCookie Gives Cyberattackers Tasty New Backdoor for Initial Access

June 11, 2024 at 12:37PM A new Windows backdoor named WarmCookie, distributed through phishing emails, has become the latest tool for cyber attackers. Despite lacking sophistication, this backdoor is actively impacting organizations globally. It targets individuals with job recruitment lures and can ultimately lead to ransomware deployment. Organizations are urged to watch out for it …

CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers

April 24, 2024 at 01:39AM A new malware campaign, linked to threat actor CoralRaider, is distributing multiple stealers via Content Delivery Network (CDN) cache domains. The campaign targets various businesses in different countries, adopting deceptive tactics such as phishing emails and booby-trapped links to propagate malware. The modular PowerShell loader script bypasses User Access Controls …

Cagey Phishing Campaign Delivers Multiple RATs to Steal Windows Data

April 10, 2024 at 10:52AM A new phishing campaign aimed at Microsoft Windows users deploys various malware, including VenomRAT, Remcos RAT, NanoCore RAT, and XWorm. The attackers use phishing emails with malicious attachments to infiltrate systems, aiming to steal critical data and establish persistence. Vigilance, education, and robust cybersecurity measures are crucial for mitigating such …