New BugSleep malware implant deployed in MuddyWater attacks

July 15, 2024 at 02:32PM The MuddyWater hacking group has developed a new custom-tailored malware implant called BugSleep. It is distributed through phishing emails disguised as invitations to webinars or online courses. The malware is injected into various apps and is actively being developed, indicating a trial-and-error approach. MuddyWater has shifted to using BugSleep instead …

MuddyWater hackers deploy new BugSleep backdoor malware in attacks

July 15, 2024 at 02:24PM The Iranian-backed MuddyWater hacking group has developed a new custom malware called BugSleep. Analysts at Check Point Research discovered the malware being distributed via well-crafted phishing lures. This new backdoor, actively developed and partially distributed, signals a shift from the group’s previous tactics. MuddyWater’s cyber-espionage campaigns target various global industries. …

AI Voice Generator App Used to Drop Gipy Malware

May 24, 2024 at 01:29PM The Gipy campaign, discovered in 2023, uses an infostealer malware to target users in Germany, Russia, Spain, and Taiwan with phishing lures promising an AI voice changing application. Upon delivery, Gipy enables data theft, cryptocurrency mining, and installation of additional malware. Researchers found various malicious programs being delivered in the …

Cyberespionage Campaign Targets Government, Energy Entities in India

March 28, 2024 at 11:12AM A cyberespionage campaign, dubbed Operation FlightNight, targeted government entities and energy organizations in India using phishing emails masquerading as Indian Air Force invitation letters. The malware exfiltrated data from victim machines, including financial documents and employee information. The attackers modified an open-source information stealer and utilized Slack channels for communication …

Spoofed Zoom, Google & Skype Meetings Spread Corporate RATs

March 6, 2024 at 01:42PM A threat actor is leveraging fake Skype, Google Meet, and Zoom meetings to distribute malware targeting Android and Windows users. This campaign, discovered in December, poses a significant cybersecurity threat. By mimicking legitimate URLs and hosting on a single IP address, the attackers are successfully distributing malicious payloads, emphasizing the …

Mexico’s ‘Timbre Stealer’ Campaign Targets Manufacturing

February 27, 2024 at 03:23PM Cybercriminals in Mexico are using tax season-related phishing emails to spread the new “Timbre Stealer” infostealer to targeted organizations. The threat actors have refined their phishing messages to exploit the tax season, enhancing the spread of the malware. “Timbre Stealer” executes anti-analysis techniques and collects diverse data once infiltrated. Tax …

UK says AI will empower ransomware over the next two years

January 24, 2024 at 12:01PM The UK’s National Cyber Security Centre (NCSC) warns that AI tools will intensify cyber attacks over the next two years. Both skilled and novice cybercriminals are leveraging AI for varied purposes, making attacks more sophisticated. AI’s impact will be evolutionary, enhancing existing threats, and potentially enabling advanced tools for cyber …

Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks

January 17, 2024 at 01:30PM Microsoft has uncovered a sophisticated spear-phishing campaign by the ‘Mint Sandstorm’ hackers, associated with Iran’s military intelligence. The attacks target high-profile individuals in Middle Eastern affairs, using impersonation of journalists and benign emails to build trust before delivering malicious content. The hackers utilize compromised accounts to send phishing lures and …