Mind your header! There’s nothing refreshing about phishers’ latest tactic

September 12, 2024 at 05:24AM Palo Alto’s Unit 42 threat intel team warns of a rising tactic used by phishers to steal victims’ credentials. They identified over 2,000 large-scale phishing campaigns abusing HTTP header refresh entries to redirect visitors to malicious websites. The phishing attacks primarily target business and economy sectors, highlighting the need for … Read more

Cyber Espionage Alert: LilacSquid Targets IT, Energy, and Pharma Sectors

May 30, 2024 at 12:09PM Summary: A new cyber espionage threat actor called LilacSquid has been conducting targeted attacks in the US, Europe, and Asia since 2021, aiming to steal data from various sectors. The actor deploys a mix of open-source tools and custom malware, including a distinctive variant of Quasar RAT codenamed PurpleInk. This … Read more

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins

January 16, 2024 at 05:36AM Volexity has observed widespread exploitation of two zero-day vulnerabilities in Ivanti Connect Secure VPN appliances by threat actors, including the group UTA0178. These vulnerabilities allow attackers to execute arbitrary commands and compromise internal networks. While the attacks were initially targeted, they have now become widespread, affecting organizations globally, particularly in … Read more