Cyber Security News
5 Common Phishing Vectors and Examples - 2024
Phishing attacks can be executed through various means, such as SMS and phone calls, but the most prevalent method involves sending victims emails containing malicious attachments.
Cyber Security News
Staying informed is key in the dynamic battle of cybersecurity, so this weekly news recap provides you with the newest trends, weaknesses, infringements found, and some possible defense mechanisms.
Bleeping Computer
Latrodectus malware is now being distributed in phishing campaigns using Microsoft Azure and Cloudflare lures to appear legitimate while making it harder for email security platforms to detect the emails as malicious.
The DFIR Report
Key Takeaways In August 2023, we observed an intrusion that started with a phishing campaign using PrometheusTDS to distribute IcedID. IcedID dropped and executed a Cobalt Strike beacon, which was …
The Hacker News
A sophisticated attack campaign dubbed "FROZEN#SHADOW" is underway, using phishing emails to infect systems with the stealthy malware SSLoad.
The Hacker News
A new variant of the RedLine Stealer malware has been discovered, utilizing Lua bytecode for stealth and effectiveness.
Bleeping Computer
A new info-stealing malware linked to Redline poses as a game cheat called 'Cheat Lab,' promising downloaders a free copy if they convince their friends to install it too.
Cyber Security News
Redline Stealer is a powerful information-stealing malware and hackers often exploit this stealthy stealer to gain unauthorized access to a
Cyber Security News
Threat actors have been discovered to be exploiting a Fortinet Forticlient EMS vulnerability for installing unauthorized RMM tools and
Bleeping Computer
A relatively new malware called Latrodectus is believed to be an evolution of the IcedID loader, seen in malicious email campaigns since November 2023.
The Hacker News
Banking trojan Mispadu expands from Latin America, now targets users in Italy, Poland & Sweden. Finance, automotive, legal & commercial entities at ri
Cyber Security News
This weekly cybersecurity news recap keeps you informed about the latest threats, exposures, mitigation techniques, and emerging malicious tactics that could compromise systems.
Cyber Security News
Mispadu, a banking trojan targeting Latin America, attacks Europe, stealing credentials through phishing emails and malicious URLs.
Security Affairs
In recent campaigns, Iran-linked APT group MuddyWater used a legitimate Remote Monitoring and Management (RMM) solution called Atera.
The Hacker News
Iran-linked hackers, MuddyWater, launch new phishing attacks against Israeli organizations.
Trend Micro
CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.
Security Affairs
Cybersecurity researchers discovered multiple GitHub repositories hosting cracked software that are used to drop the RisePro info-stealer.
Security Affairs
Researchers recently uncovered a DarkGate campaign in mid-January 2024, which exploited Microsoft zero-day vulnerability
DarkReading
Attackers use Google redirects in their phishing attack leveraging a now-patched vulnerability that aims to spread the multifaceted malware.
The Hacker News
A new DarkGate malware campaign uses a recently patched Microsoft Windows flaw (CVE-2024-21412) to deploy malicious software via bogus installers.
Bleeping Computer
A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers.
Trend Micro
In addition to our Water Hydra APT zero day analysis, the Zero Day Initiative (ZDI) observed a DarkGate campaign which we discovered in mid-January 2024 where DarkGate operators exploited CVE-2024-21412.
HACKRead
Watch out for the new CHAVECLOAK banking Trojan as it spreads its infection through SMS phishing, phishing emails, and hacked websites.
The Hacker News
Cybersecurity experts uncover a surge in phishing attacks using Google Cloud Run to distribute banking malware across LATAM and Europe.
HACKRead
Discover the latest cybersecurity revelation: KONNI malware, linked to North Korea, targets the Russian Ministry of Foreign Affairs.
Cyber Security News
Large-scale malware distribution campaigns are abusing Google Cloud Run to transmit banking trojans, including Astaroth.
The Hacker News
Russian government software compromised in suspected North Korean cyberattack. Konni RAT backdoor discovered in Ministry of Foreign Affairs tool.
CyberNews
Hackers are always trying new methods to deliver information stealers that extract information about crypto wallets and credentials.
Bleeping Computer
Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban.
Trend Micro
In this blog entry, we focus on Earth Preta's campaign that employed a variant of the DOPLUGS malware to target Asian countries.
Bleeping Computer
The developer of Qakbot malware, or someone with access to the source code, seems to be experimenting with new builds as fresh samples have been observed in email campaigns since mid-December.
Cyber Security News
Threat actors exploit Microsoft Defender SmartScreen zero-day flaws to circumvent the security mechanisms designed to protect users.
The Hacker News
Bumblebee, QakBot, Zloader, & PikaBot are back, sneakier than ever. Don't trust those shady emails or downloads.
The Hacker News
Microsoft's latest Patch Tuesday tackles 73 vulnerabilities, including actively exploited zero-days.
Cyber Security News
Cybersecurity analysts at Kaspersky Labs recently discovered Coyote malware that leverages NodeJS to attack users of more than 60 banks.
Krebs on Security
Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks.
Trend Micro
The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.
DarkReading
Brazil, the world's center for banking Trojan malware, has produced one of its most advanced tools yet. And as history shows, Coyote may soon expand its territory.
SecurityWeek
Thirty-four cybersecurity-related merger and acquisition (M&A) deals were announced in January 2024.
The Hacker News
Over 2,000 Ukrainian computers infected with DirtyMoe malware: This malware is capable of stealing cryptocurrency and launching denial-of-service atta
Security Affairs
The CERT-UA reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country.
Bleeping Computer
The Computer Emergency Response Team in Ukraine (CERT-UA) is warning about a PurpleFox malware campaign that has infected at least 2,000 computers in the country.
The Hacker News
Mexican banks under attack! Spear-phishing campaign using modified AllaKore RAT targets large companies.
The Cyber Express
Cyble Research and Intelligence Labs (CRIL) has identified an ongoing campaign targeting individuals seeking asylum in the United States through
HACKRead
The original Chae$ malware was identified in September 2023, and its latest version, dubbed Chae$ 4.1, employs advanced code polymorphism to bypass antivirus detection.
Infosecurity News
Proofpoint said it thwarted a large-scale campaign on January 11 primarily targeting North America
DarkReading
Analysis of the infostealer malware version 4.1 includes hidden ASCII art and a shout-out thanking cybersecurity researchers.
Cyber Security News
Some of the vulnerabilities were added to CISA’s Known Exploited Vulnerabilities catalog, marking them as extremely important to patch.
DarkReading
Microsoft and several others have reported seeing the noxious malware surfacing again in a campaign targeting the hospitality industry.
The Hacker News
PikaBot, a dangerous loader, is spreading via malvertising campaigns targeting users searching for legit software like AnyDesk
Cyber Security News
At the forefront of this digital onslaught is the insidious PikaBot, a malware variant that ingeniously exploits the expansive reach of Google Ads.
Infosecurity News
Researchers observed malicious files advancing through email, PDF, URL and MSI
Security Affairs
Experts warn of a new phishing campaign distributing the QakBot malware, months after law enforcement dismantled its infrastructure.
The Hacker News
QakBot malware returns, using sneaky phishing emails masquerading as IRS employees.
Bleeping Computer
WordPress hosting provider Kinsta is warning customers that Google ads have been observed promoting phishing sites to steal hosting credentials.
Bleeping Computer
The QakBot malware is once again being distributed in phishing campaigns after the botnet was disrupted by law enforcement over the summer.
The Hacker News
Threat hunters have discovered new tactics used by the GuLoader malware to evade analysis.
SecurityWeek
LogoFAIL is a UEFI image parser attack allowing hackers to compromise consumer and enterprise devices using malicious logo images.
Cyber Security News
Multiple vulnerabilities have been found in IBM QRadar Wincollect which were associated with Denial of service that could allow a threat.
Trend Micro
The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.
Cyber Security News
Cybersecurity researchers at Malwarebytes recently identified a malicious campaign that mimics the WindowsReport.com portal.
Bleeping Computer
A threat actor has been abusing Google Ads to distribute a trojanized version of the CPU-Z tool to deliver the Redline info-stealing malware.
The Hacker News
Malicious sites posing as legit Windows news portals spotted distributing malware disguised as CPU-Z.
Cyber Security News
The recently disclosed Apache ActiveMQ remote code execution (RCE) flaw, CVE-2023-46604, is being exploited to spread ransomware.
Bleeping Computer
A remote code execution (RCE) flaw impacting Apache ActiveMQ has been under active exploitation by threat actors who use HelloKitty ransomware payloads.
The Hacker News
Cybersecurity experts uncover a critical flaw in Apache ActiveMQ. Hackers exploit it for ransomware attacks.
Infosecurity News
WithSecure has found strong indicators that DarkGate attacks are being perpetrated by attackers also using the Ducktail infostealer
Bleeping Computer
A Google Ads campaign was found pushing a fake KeePass download site that used Punycode to appear as the official domain of the KeePass password manager to distribute malware.
Trend Micro
Almost a year after Void Rabisu shifted its targeting from opportunistic ransomware attacks with an emphasis on cyberespionage, the threat actor is still developing its main malware, the ROMCOM backdoor.
Cyber Security News
Wireshark has been the most widely used open-source Network protocol analyzing tool for several purposes, including troubleshooting, analysis.
Latest Hacking News
Researchers have discovered a new phishing campaign that exploits Microsoft’s Bing Chat to promote malicious URLs. The campaign involves creating malicious ads via legit ads businesses to rank higher and appear in Bing Chat responses
Bleeping Computer
Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware.
The DFIR Report
In 2022, The DFIR Report observed an increase in the adversarial usage of Remote Management and Monitoring (RMM) tools. When compared to post-exploitation channels that heavily rely on terminals, such …
Latest Hacking News
Researchers have caught a new malware campaign in the wild that deploys a novel Rust-based malware to Azerbaijan targets. While not linked to a known threat actor group, the campaign still includes some false flags,
The Hacker News
Researchers warn of a new sophisticated campaign, Operation Rusty Flag, deploying Rust-based malware in Azerbaijan.
Bleeping Computer
Threat actors use Google Ads tracking templates as a loophole to create convincing Webex software search ads that redirect users to websites that distribute the BatLoader malware.
Bleeping Computer
Today is Microsoft's September 2023 Patch Tuesday, with security updates for 59 flaws, including two actively exploited zero-day vulnerabilities.
Bleeping Computer
MSI has released BIOS updates to fix a known issue that triggers blue screens of death on Windows computers after installing August 2023 preview updates.
Bleeping Computer
The Chaes malware has returned as a new, more advanced variant that includes a custom implementation of the Google DevTools protocol for direct access to the victim's browser functions, allowing it to steal data using WebSockets.
The Hacker News
Chaes malware leveled up by switching to Python, refining communication, and slipping through defenses.
The Hacker News
Hackers are now using a sneaky "MalDoc in PDF" technique to hide malicious Word files within PDFs.
Cyber Security News
The latest attack techniques, significant weaknesses, and exploits have all been highlighted. We also provide the latest software upgrades available to keep your devices secure.
The Hacker News
New malspam campaign uses DarkGate malware to steal data, mine cryptocurrency, and evade detection.
Bleeping Computer
Japan's computer emergency response team (JPCERT) is sharing a new 'MalDoc in PDF' attack detected in July 2023 that bypasses detection by embedding malicious Word files into PDFs.
Bleeping Computer
Microsoft says the recent wave of blue screens impacting some Windows users is not caused by issues in its August 2023 optional updates.
Bleeping Computer
MSI has officially confirmed the recent surge of blue screens of death (BSODs) encountered by Windows users after installing this week's optional preview updates is linked to some of its motherboard models.
DarkReading
The offending ads and pages leveraged interest in AI to spread a malicious credential-stealing browser extension.
Trend Micro
In this entry, we discuss how a threat actor abuses paid Facebook promotions featuring LLMs to spread malicious code, with the goal of installing a malicious browser add-on and stealing victims’ credentials.
Infosecurity News
ESET said Facebook promoted the download of what seemed to be Google’s Bard AI tool
Bleeping Computer
The Rhysida ransomware as a service (RaaS) operation that emerged in May 2023 is gradually leaving the period of obscurity behind, as a recent wave of attacks on healthcare organizations has forced government agencies and cybersecurity companies to pay closer attention to its operations.
Trend Micro
In this blog entry, we will provide details on Rhysida, including its targets and what we know about its infection chain.
Trend Micro
In June 2023, Trend Micro observed an upgrade to the evasion techniques used by the Batloader initial access malware, which we’ve covered in previous blog entries.
Cyber Security News
This week's Threat and Vulnerability Roundup is here! We at Cyber Writes take pride in delivering a weekly roundup of the most up-to-date cybersecurity news.
Cyber Security News
The Purple Fox malware has been active since 2018, adopting a new technique to deliver its payload through MS SQL servers.
The Hacker News
Zero-day vulnerabilities found in Atera remote monitoring software's Windows Installers can lead to privilege escalation attacks
Latest Hacking News
Researchers have found a new malware campaign from the DangerousPassword attack group against desktops. The threat actors have caught the malicious campaign deploying Python and Node.js malware on Linux, Windows, and Mac devices. DangerousPassword Running Active
The Record
Two new vulnerabilities have been found in a popular brand of baseboard software used in millions of devices worldwide.
The Hacker News
Beware of BundleBot, a stealthy malware strain that's stealing sensitive info from compromised hosts! It spreads through Facebook Ads.