Threats & Malware, Virus & Malware
June 9, 2023
Via: The Hacker NewsA new custom backdoor dubbed Stealth Soldier has been deployed as part of a set of highly-targeted espionage attacks in North Africa. “Stealth Soldier malware is an undocumented backdoor that primarily operates surveillance functions such as file exfiltration, screen and […]
June 9, 2023
Via: The Hacker NewsBanking and financial services organizations are the targets of a new multi-stage adversary-in-the-middle (AitM) phishing and business email compromise (BEC) attack, Microsoft has revealed. “The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks […]
June 8, 2023
Via: The Hacker NewsThe North Korean nation-state threat actor known as Kimsuky has been linked to a social engineering campaign targeting experts in North Korean affairs with the goal of stealing Google credentials and delivering reconnaissance malware. “Further, Kimsuky’s objective extends to the […]
Threats & Malware, Virus & Malware
June 7, 2023
Via: The Hacker NewsThe Ransomware Industry Ransomware is an industry. As such, it has its own business logic: organizations pay money, in crypto-currency, in order to regain control over their systems and data. This industry’s landscape is made up of approximately 10-20 core […]
June 2, 2023
Via: The Hacker NewsU.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors’ use of social engineering tactics to strike think tanks, academia, and news media sectors. The “sustained information gathering efforts” have been attributed to […]
Threats & Malware, Virus & Malware
May 25, 2023
Via: The Hacker NewsA Brazilian threat actor is targeting more than 30 Portuguese financial institutions with information-stealing malware as part of a long-running campaign that commenced in 2021. “The attackers can steal credentials and exfiltrate users’ data and personal information, which can be […]
Cyber warfare, Cyber-crime, Phishing
May 18, 2023
Via: Dark ReadingCyber espionage attacks against organizations in Taiwan have surged against the backdrop of recent political tensions, new research shows. Trellix this week cited a fourfold rise in malicious phishing emails targeting Taiwanese companies between April 7 and 10 of this […]
Threats & Malware, Virus & Malware
May 16, 2023
Via: The Hacker NewsThe threat actors behind the CopperStealer malware resurfaced with two new campaigns in March and April 2023 that are designed to deliver two novel payloads dubbed CopperStealth and CopperPhish. Trend Micro is tracking the financially motivated group under the name […]
May 15, 2023
Via: The Hacker NewsGovernment, aviation, education, and telecom sectors located in South and Southeast Asia have come under the radar of a new hacking group as part of a highly-targeted campaign that commenced in mid-2022 and continued into the first quarter of 2023. […]
May 8, 2023
Via: The Hacker NewsAn ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine (CERT-UA). The emails, per the agency, are sent using […]
May 8, 2023
Via: Dark ReadingNorth Korean cyber espionage group Kimsuky has expanded its attack arsenal with a new spear-phishing campaign that uses Microsoft OneDrive links in documents armed with malicious macros that drop novel reconnaissance malware. Researchers at SentinelLabs observed a new campaign from […]
May 5, 2023
Via: The Hacker NewsThe North Korean state-sponsored threat actor known as Kimsuky has been discovered using a new reconnaissance tool called ReconShark as part of an ongoing global campaign. “[ReconShark] is actively delivered to specifically targeted individuals through spear-phishing emails, OneDrive links leading […]
May 4, 2023
Via: Natalie DunnArtificial intelligence (AI) is rapidly transforming, bringing many benefits to our daily lives, from personalized recommendations to self-driving cars. At the same time, hackers also leverage AI to make their attacks more sophisticated and challenging to detect. In recent years, […]
April 19, 2023
Via: Help Net SecurityAs cyberattacks increase in frequency and sophistication, small and medium-sized businesses (SMBs) become more vulnerable to cyber threats. Unlike larger enterprises, SMBs often lack the financial and technical resources to secure their networks and data against malicious actors effectively. With […]
April 17, 2023
Via: The Hacker NewsA Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control (GC2) amid broader abuse of Google’s infrastructure for malicious ends. The tech giant’s Threat Analysis Group […]
Threats & Malware, Vulnerabilities
April 13, 2023
Via: Help Net SecurityIt used to be that people were the greatest cybersecurity vulnerability, but this is no longer true. The rise of the internet made people more connected than ever. Attackers capitalized on that fact and targeted employees directly to gain access […]
April 5, 2023
Via: The Hacker NewsA North Korean government-backed threat actor has been linked to attacks targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea and the U.S. Google’s Threat Analysis Group (TAG) is tracking the cluster under the […]
Threats & Malware, Vulnerabilities
April 4, 2023
Via: Security AffairsU.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Zimbra flaw, tracked as CVE-2022-27926, to its Known Exploited Vulnerabilities Catalog. The CVE-2022-27926 flaw affects Zimbra Collaboration version 9.0.0, which is used to host publicly-facing webmail portals. Proofpoint researchers recently […]
March 27, 2023
Via: SecurelistThe idea of creating Web 3.0 has been around since the end of 2000s. The new version of the world wide web should repair the weak points of Web 2.0., some of which are: featureless content, prevalence of proprietary solutions, […]
March 23, 2023
Via: Help Net SecurityBetween January 2021 and October 2022, the EU Agency for Cybersecurity (ENISA) analyzed and mapped the cyber threats faced by the transport sector, identifying prime threats, analyzing incidents, assessing threat actors, analyzing their motivations, and introducing major trends for each […]