Cybercriminals Abusing Cloudflare Tunnels to Evade Detection and Spread Malware

August 2, 2024 at 03:24AM Cybersecurity experts have noted a rise in the misuse of Cloudflare’s TryCloudflare free service for distributing malware. Attackers are using it to create temporary tunnels to relay traffic from server to local machine. The campaign, targeting organizations globally, uses phishing emails to deliver various malware, with a focus on financial …

Indian APT Targeting Mediterranean Ports and Maritime Facilities

July 30, 2024 at 10:00AM BlackBerry reports that a threat actor, known as SideWinder, has been targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. The actor has been active since 2012, primarily targeting government, military, and businesses in various countries for cyberespionage. The attacks rely on spear-phishing emails and malicious documents …

New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries

July 30, 2024 at 04:36AM SideWinder, a nation-state threat actor associated with India, is conducting a cyber espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. Using spear-phishing, document exploitation, and DLL side-loading techniques, their latest attacks leverage emotional lures and exploit security vulnerabilities to deliver malicious payloads for potential …

Attackers Exploit ‘EvilVideo’ Telegram Zero-Day to Hide Malware

July 23, 2024 at 12:29PM Telegram has addressed a zero-day flaw in older Android app versions, allowing attackers to hide malicious payloads in video files. ESET researchers discovered the flaw, “EvilVideo”, on a hacker forum. The exploit affected versions 10.14.4 and below. Updates to version 10.14.5 and above fix the issue. Users should update immediately to …

Fake CrowdStrike repair manual pushes new infostealer malware

July 23, 2024 at 10:36AM CrowdStrike warns of a new Daolpu malware, falsely distributed as a Windows recovery tool after the recent Falcon update struggles. This stealer targets account credentials and browser data from Chrome, Edge, Firefox, and Cốc Cốc. Attackers use malicious document macros to trigger the malware. CrowdStrike advises vigilance against phishing and …

Telegram Zero-Day Enabled Malware Delivery

July 23, 2024 at 08:15AM ESET has warned of a zero-day exploit affecting Telegram for Android, allowing threat actors to distribute malicious files disguised as videos. The vulnerability, dubbed EvilVideo, auto-downloads payloads containing APK files presented as multimedia previews. Users are advised to update their app to version 10.14.5 to address this issue. Based on …

Telegram zero-day allowed sending malicious Android APKs as videos

July 22, 2024 at 10:47AM Summary: The “EvilVideo” zero-day vulnerability in Telegram for Android allowed threat actors to send malicious APK payloads disguised as video files. ESET researchers discovered the flaw and notified Telegram, which released a patch in version 10.14.5. The exploit required multiple steps for execution, reducing the risk of successful attacks. Users …

China’s APT41 Targets Global Logistics, Utilities Companies

July 19, 2024 at 10:05AM APT41, a Chinese threat group, has launched a cyber espionage campaign targeting organizations in shipping, logistics, media, entertainment, technology, and automotive industries across multiple countries. The group, known for supply chain attacks, has successfully infiltrated and maintained access to victim networks. APT41 is using custom cyber espionage tools and has …

Revolver Rabbit gang registers 500,000 domains for malware campaigns

July 18, 2024 at 05:34PM Cybercriminal group Revolver Rabbit has registered over 500,000 domain names using a secret method called RDGAs to execute infostealer campaigns targeting Windows and macOS systems. Security researchers at Infoblox discovered this large-scale operation, estimating over $1 million in registration fees. The domains use a consistent pattern for easy readability and …

Over 400,000 Life360 user phone numbers leaked via unsecured API

July 17, 2024 at 12:34PM A threat actor leaked personal data of over 440,000 Life360 customers by exploiting a flaw in the login API. The breach also impacted Trello accounts, and Life360 disclosed an extortion attempt linked to a separate Tile customer support platform breach. The exposed information includes names, addresses, email addresses, and phone …