Infosecurity News
PDF Exploitation Targets Foxit Reader Users
CPR said exploit builders in .NET and Python have been employed to deploy this malware
The Hacker News
A newer version of the Hijack Loader malware has been observed with updated anti-analysis techniques to evade detection.
Cyber Security News
The weekly news summary keeps you up to date with what’s happening in cybersecurity, including developments, vulnerabilities, breaches, threats, and defensive strategies. Knowing about new cyber risks and attack vectors helps you put up safeguards and preventive measures as soon as possible to protect your systems. Remaining constantly aware gives you a holistic view of […]
The Record
Researchers at Bitsight asked whether organizations remediate software and hardware vulnerabilities faster if they're on the federal government's list. The resulting data added up to a resounding "yes."
DarkReading
Microsoft patched a record number of 147 new CVEs this month, though only three are rated "Critical."
Infosecurity News
First found in 2019, JSOutProx combines JavaScript and .NET functionalities to infiltrate systems
Cyber Security News
McAfee Labs' findings reveal how Pikabot leverages a variety of file types, including HTML, JavaScript, and Excel, to breach security defenses.
DarkReading
An economic success story in Asia, Vietnam is seeing more manufacturing and more business investment. But with that comes a significant uptick in cybercrime as well.
The Hacker News
TA558, the notorious threat actor, is back in action, hitting Spain, Mexico, U.S., and more with Venom RAT.
Security Affairs
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Security Affairs
Researchers recently uncovered a DarkGate campaign in mid-January 2024, which exploited Microsoft zero-day vulnerability
DarkReading
Attackers use Google redirects in their phishing attack leveraging a now-patched vulnerability that aims to spread the multifaceted malware.
The Hacker News
A new DarkGate malware campaign uses a recently patched #MicrosoftWindows flaw (CVE-2024-21412) to deploy malicious software via bogus installers.
Bleeping Computer
A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers.
Trend Micro
In addition to our Water Hydra APT zero day analysis, the Zero Day Initiative (ZDI) observed a DarkGate campaign which we discovered in mid-January 2024 where DarkGate operators exploited CVE-2024-21412.
Infosecurity News
Proofpoint said TA4903 adopted new tactics, including lure themes referencing confidential docs and ACH payments
HACKRead
Samip Aryal, a Nepali bug bounty hunter, discovered a zero-click flaw in Facebook's password reset system, allowing actors to hack any account.
Bleeping Computer
This article takes a look at some lessons from recent phishing attacks and highlights actionable tips to limit the risks of phishing affecting your company.
HACKRead
Users are reporting a connection between suspensions and their linked Oculus accounts, indicating a potential security issue within the VR platform.
Cyber Security News
ANY.RUN, an interactive malware sandbox, has published a comprehensive analysis of the growing threat that crypto-malware poses.
Infosecurity News
Cybercriminals are increasingly using PDFs to deliver malware, with a 7% rise in threats detected in Q4 2023 compared to Q1, according to an HP Wolf Security report
The Hacker News
A malicious Python script allowing cybercriminals to launch SMS phishing attacks via AWS SNS
CyberNews
Legal advertising tools are being leveraged by cybercriminals to conceal their illicit campaigns and track victims.
The Hacker News
Microsoft's latest Patch Tuesday tackles 73 vulnerabilities, including actively exploited zero-days.
Bleeping Computer
The Bumblebee malware has returned after a four-month vacation, targeting thousands of organizations in the United States in phishing campaigns.
Bleeping Computer
Microsoft Teams is susceptible to a growing number of cybersecurity threats as its massive user base is an attractive target for cybercriminals. Learn more from Adaptive Shield on how to increase your Microsoft Teams security posture.
The Hacker News
PikaBot malware undergoes a dramatic transformation, simplifying its code and communication methods
Trend Micro
The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.
The Hacker News
U.S. Department of State is offering up to $10 million for information on Hive ransomware operators.
The Hacker News
Cybercriminals are targeting Mexican users with a new variant of the Mispadu banking malware, exploiting a patched Windows SmartScreen bypass flaw
HACKRead
AnyDesk, a remote desktop software maker, has reportedly become a victim of a cyberattack that compromised its production systems.
HACKRead
Microsoft Teams targeted for phishing and malware attacks. Learn how to protect your organization against these evolving cyber threats.
Bleeping Computer
New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims' systems.
Infosecurity News
New data from Corvus found that ransomware incidents rose by 68% in 2023 compared to 2022, but law enforcement takedowns led to a fall in Q4
Security Affairs
The 2023 RedSense report covers long-term observations we have made regarding intel trends and interconnectivity.
The Hacker News
Cybersecurity experts reveal the inner workings of SystemBC's command-and-control (C2) server, a dangerous malware available on the dark web.
The Hacker News
TA866 is back with thousands of invoice-themed, booby-trapped emails targeting users with WasabiSeed and Screenshotter malware.
HACKRead
The phishing scam falsely asserts that the victim’s Facebook page will be permanently deleted due to a post allegedly infringing on trademark rights. However, there is no actual infringement; it’s all part of the scammer’s malicious plan.
Infosecurity News
The malware targets browsers, steals crypto wallet and messaging app data, and collects system information
HACKRead
Lush Retail Ltd., a popular British cosmetics retailer headquartered in Poole, Dorset, is investigating a cyber attack. Still, it is unclear whether it is a ransomware attack, a data breach, or a DDoS attack causing disruption.
DarkReading
An emerging threat actor, Water Curupira, is wielding a new, sophisticated loader in a series of thread-jacking phishing campaigns that precede ransomware.
The Hacker News
Beware of Water Curupira! This threat actor is spreading PikaBot, more than a malware loader – it's a gateway to ransomware attacks.
Trend Micro
Pikabot is a loader with similarities to Qakbot that was used in spam campaigns during most of 2023. Our blog entry provides a technical analysis of this malware.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
The Hacker News
A new malware loader called JinxLoader is being used by threat actors to deliver payloads such as Formbook and XLoader.
HACKRead
Microsoft has disabled the App Installer feature to protect users and prevent threat actors from maliciously exploiting its products and features.
The Hacker News
Microsoft takes action against malware threat: disables ms-appinstaller protocol handler by default.
The Record
Microsoft said Thursday that it disabled a feature intended to streamline app installation after it discovered financially motivated hacking groups using it to distribute malware.
Cyber Security News
Weaponized Fake Browser Updates and Emails Spread DarkGate Malware also known as BattleRoyal, permits the execution of further malware.
The Hacker News
A new phishing campaign is using Microsoft Word docs as bait to deliver Nim-based malware.
DarkReading
The shadowy threat actor uses some nifty tricks to drop popular malware with targets that meet its specifications.
Infosecurity News
Proofpoint said the cluster’s use of multiple attack chains highlights a new trend among cybercriminals
The Hacker News
Beware of phishing emails with invoice-themed attachments! Attackers are using an old Office vulnerability (CVE-2017-11882) to spread the Agent Tesla
Cyber Security News
Threat actors are purchasing advertisements for malicious websites to lure victims into downloading malware, which can eventually lead to data theft and ransomware.
The Hacker News
PikaBot, a dangerous loader, is spreading via malvertising campaigns targeting users searching for legit software like AnyDesk
The Hacker News
Threat hunters have discovered new tactics used by the GuLoader malware to evade analysis.
SecurityWeek
Idaho National Laboratory breach, GPS attacks target airplanes, Russia accuses China and North Korea of hacking.
Bleeping Computer
A sophisticated phishing campaign pushing the DarkGate malware infections has recently added the PikaBot malware into the mix, making it the most advanced phishing campaign since the Qakbot operation was dismantled.
Infosecurity News
DarkGate and PikaBot have been observed as part of phishing campaigns using the same tactics as the ones used by QakBot perpetrators
The Hacker News
New high-volume phishing campaigns mimic tactics of defunct QakBot trojan, hijacking email threads and using unique URLs to deliver DarkGate & PikaBot
DarkReading
Threat actors distributed an archive containing images of new products by major clothing companies, along with a malicious executable disguised with a PDF icon.
The Hacker News
Malicious sites posing as legit Windows news portals spotted distributing malware disguised as CPU-Z.
The Hacker News
Jupyter Infostealer is back with stealthy changes. Cyber attackers use manipulated SEO tactics to trick users into downloading malware.
Cyber Security News
Cybersecurity researchers at Proofpoint discovered two malicious campaigns in which TA571 was found spreading the Forked IcedID variant
DarkReading
Vietnamese cybercrime groups are using multiple different MaaS infostealers and RATs to target the digital marketing sector.
The Hacker News
Attacks in the U.K., U.S., and India linked to Vietnamese hackers using DarkGate malware and Ducktail stealer.
Bleeping Computer
A threat actor is using fake LinkedIn posts and direct messages about a Facebook Ads specialist position at hardware maker Corsair to lure people into downloading info-stealing malware like DarkGate and RedLine.
Infosecurity News
WithSecure has found strong indicators that DarkGate attacks are being perpetrated by attackers also using the Ducktail infostealer
Latest Hacking News
The notorious DarkGate malware has become active again, as it now spreads via compromised Skype accounts. Researchers warn users to remain cautious while interacting with unknown accounts. DarkGate Malware Spreads Via Compromised Skype Accounts According to a
Cyber Security News
To spread the DarkGate malware to the targeted businesses, hackers utilized the Teams and Skype messaging platforms.
Bleeping Computer
Between July and September, DarkGate malware attacks have used compromised Skype accounts to infect targets through messages containing VBA loader script attachments.
The Hacker News
DarkGate malware is now spreading through instant messaging apps like Skype & Microsoft Teams.
DarkReading
A plurality of the targets in the ongoing campaign have been based in the Americas.
Trend Micro
We detail an ongoing campaign abusing messaging platforms Skype and Teams to distribute the DarkGate malware to targeted organizations. We also discovered that once DarkGate is installed on the victim’s system, additional payloads were introduced to the environment.
Bleeping Computer
Microsoft is planning to phase out VBScript in future Windows releases after 30 years of use, making it an on-demand feature until it is removed.
Bleeping Computer
A new phishing campaign is abusing Microsoft Teams messages to send malicious attachments that install the DarkGate Loader malware.
The Hacker News
Beware of the latest macOS threat! A new malvertising campaign is actively spreading Atomic Stealer malware, targeting gamers and crypto users.
Cyber Security News
The latest attack techniques, significant weaknesses, and exploits have all been highlighted. We also provide the latest software upgrades available to keep your devices secure.
The Hacker News
New malspam campaign uses DarkGate malware to steal data, mine cryptocurrency, and evade detection.