New phishing toolkit uses PWAs to steal login credentials

June 12, 2024 at 01:41PM A new phishing kit has been released enabling creation of deceptive corporate login forms using Progressive Web Apps (PWAs). PWAs are web-based apps that imitate desktop applications and can display fake address bars to make phishing forms look convincing. Security researcher mr.d0x has released templates for this technique, potentially enabling …

Windows Quick Assist Anchors Black Basta Ransomware Gambit

May 16, 2024 at 09:38AM Microsoft Threat Intelligence revealed that a financially motivated threat actor, Storm-1811, is conducting a vishing campaign using Quick Assist for remote access, posing as trusted contacts. The attacker delivers Black Basta ransomware and additional malware through various means, emphasizing the need for vigilance and user education to combat social engineering …

US Health Dept warns hospitals of hackers targeting IT help desks

April 6, 2024 at 12:04PM The U.S. Department of Health and Human Services warns of hackers using social engineering to target IT help desks in the Healthcare and Public Health sector. They gain access by enrolling their own MFA devices and using AI voice cloning. Similar tactics are used by the Scattered Spider threat group. …

Cloud-y Linux Malware Rains on Apache, Docker, Redis & Confluence

March 6, 2024 at 05:39PM Researchers have detected a cyber campaign targeting vulnerable cloud servers running Apache Hadoop, Atlassian Confluence, Docker, and Redis. The attackers deploy a cryptomining tool and a Linux-based reverse shell for potential future targeting. The campaign, known as Spinning YARN, exploits known vulnerabilities and misconfigurations, with tactics overlapping with threat groups …

Threat Actors Quick to Abuse ‘SSH-Snake’ Worm-Like Tool

February 22, 2024 at 10:51AM The open-source pentesting tool SSH-Snake has been used to steal SSH credentials from approximately 100 organizations, leading to worm-like attacks on networks. Developed by Joshua Rogers, the tool maps network dependencies and enables hackers to compromise systems. Despite being used for malicious purposes, its fileless and self-replicating nature makes it …

Docker hosts hacked in ongoing website traffic theft scheme

January 18, 2024 at 06:15AM Attackers have launched a new campaign targeting vulnerable Docker services, deploying an XMRig miner and the 9hits viewer app on compromised hosts for dual monetization. They exploit resources of these systems to drive traffic as part of the 9hits traffic exchange system, showcasing a need for stricter security checks and …