Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware
Summary: Microsoft has issued warnings about multiple phishing campaigns utilizing tax-related themes to distribute malware and steal credentials. These campaigns employ sophisticated methods like URL shorteners and QR codes to mask malicious intent while targeting thousands of organizations, especially in the U.S. The attacks often involve a phishing-as-a-service platform, RaccoonO365, and various malware types, including remote access trojans and information stealers.…
CISA’s Latest Advisories Expose High-Risk Vulnerabilities in Industrial Control Systems
Summary: CISA has issued two critical advisories regarding vulnerabilities in Industrial Control Systems (ICS) that could severely affect critical infrastructure. The advisories target Rockwell Automation Lifecycle Services and Hitachi Energy’s MicroSCADA Pro/X SYS600, both indicating significant security risks that require immediate attention and mitigation. Organizations are urged to implement defensive measures to protect their systems from potential exploitation.…
Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware
Summary: North Korean threat actors, notably the Lazarus Group, have employed a new social engineering tactic called ClickFix to lure job seekers within the cryptocurrency sector, delivering a Go-based backdoor named GolangGhost on Windows and macOS. In parallel, a surge in fraudulent IT worker schemes has been detected in Europe, with North Korean nationals posing as legitimate remote workers to generate illicit revenue while circumventing international sanctions.…
Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices
Summary: Counterfeit smartphones have been found preloaded with a modified version of the Triada Android malware, affecting over 2,600 users primarily in Russia. This malware can steal sensitive information, control devices remotely, and has been distributed through compromised production processes. The ongoing threat from Triada highlights vulnerabilities in the hardware supply chain and the potential financial gain for attackers.…
ProtectEU Is Here – But Can It Really Protect Europe from Rising Security Threats?
Summary: The European Commission has unveiled ProtectEU, a comprehensive strategy designed to enhance the security of EU citizens through improved governance, intelligence sharing, and law enforcement empowerment. With a holistic approach, the strategy also seeks to address cybersecurity threats, organized crime, and terrorism while fostering cooperation among various stakeholders.…
RedCurl’s Ransomware Debut: A Technical Deep Dive
This research by Bitdefender Labs introduces the QWCrypt ransomware campaign, linked to the RedCurl group, marking a significant shift in their tactics from data exfiltration to ransomware. RedCurl has been operating since 2018 but has historically relied on Living-off-the-Land techniques for corporate espionage. Their targeting of specific infrastructures and their use of hypervisor encryption underscore a sophisticated evolution in their operational strategy, raising questions about their motivations and business model.…
RolandSkimmer: Silent Credit Card Thief Uncovered
The “RolandSkimmer” campaign uses malicious browser extensions and LNK files to carry out persistent credit card skimming attacks, primarily targeting users in Bulgaria. The malware collects sensitive data through deceptive mechanisms while remaining stealthy and adapting to its victims’ environments.

Affected: Microsoft Windows, Chrome, Edge, Firefox

Keypoints:

The “RolandSkimmer” campaign targets Microsoft Windows users through malicious LNK files and browser extensions.…
Serial Entrepreneurs Raise M to Counter AI Deepfakes, Social Engineering
Summary: Adaptive Security, a startup combating deepfake social engineering and AI threats, has secured million in early-stage funding led by Andreessen Horowitz and the OpenAI Startup Fund. Founded by Brian Long and Andrew Jones, the company aims to develop a platform for simulating AI-generated attacks, enhancing employee training and real-time threat triaging.…
DragonForce Claims to Be Taking Over RansomHub Ransomware Infrastructure
Summary: The DragonForce ransomware group has announced a potential takeover of the infrastructure of RansomHub, a leading ransomware group. Cyble reports that while the specifics are unclear, DragonForce claims to be integrating RansomHub into its operations amid speculation following RansomHub’s site going offline. This shift follows DragonForce’s recent expansion of its ransomware services and infrastructure upgrades.…
SmokeLoader Malware Deployed in Stealthy Campaign Targeting Major Banks
Summary: G DATA security researchers have uncovered a sophisticated malware infection chain targeting First Ukrainian International Bank, centering on the enhanced SmokeLoader and its intermediary, Emmenhtal Loader. The attack utilizes social engineering, living off the land binaries, and advanced evasion techniques to deploy multiple malware stages stealthily without detection.…
Apple Backports Zero-Day Patches to Older Devices in Latest Security Update
Summary: Apple has rolled out critical security updates to address a series of vulnerabilities, including two actively exploited zero-day threats. These updates provide backported patches for older versions of iOS, iPadOS, macOS, and watchOS, ensuring that even outdated devices receive essential security enhancements. The efforts underline Apple’s commitment to mitigating risks across its entire ecosystem.…
Royal Mail Group Loses 144GB to Infostealers: Same Samsung Hacker, Same 2021 Infostealer Log
Summary: A massive data breach has exposed 144GB of sensitive information from Royal Mail Group, including personally identifiable information and internal documents, linked to a previous compromise at a third-party service provider, Spectos. The breach, carried out by the threat actor “GHNA,” echoes a recent breach involving Samsung, highlighting a concerning trend in supply chain vulnerabilities exacerbated by AI technologies.…
Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities
Summary: Google and Mozilla have released Chrome 135 and Firefox 137, addressing nearly two dozen security vulnerabilities, including high-severity memory safety bugs. Chrome 135 includes 14 security fixes, while Firefox 137 resolves eight security defects, some of which could lead to code execution. Users are encouraged to update their browsers promptly; no active exploitation of these vulnerabilities has been reported.…
Thailand Enhances Cyber Resilience with AI-Powered Security Measures
Summary: Thailand’s National Cyber Security Agency (NCSA) and Google Cloud have partnered to enhance the nation’s cybersecurity infrastructure, focusing on improving cyber resilience amid growing threats. This initiative includes threat intelligence sharing, incident response training, and enhanced protections for individual users against scams. With the increasing digital transformation in Thailand, these efforts aim to safeguard both citizens and government entities from cyber vulnerabilities.…
PicoCTF 2025 Walkthrough
The article provides walkthroughs for various challenges in the PicoCTF 2025 competition, focusing on different aspects of cybersecurity such as cryptography, reverse engineering, and web exploitation. It details methods for cracking hashes, decoding encrypted messages, analyzing binaries, and exploiting web vulnerabilities to capture flags.

Affected: cybersecurity sector, educational platforms

Keypoints:

The first challenge involves cracking an MD5 hash using online tools.…
The North Korean Nation-State APT43 Kimsuky Used PowerShell ForceCopy to Conduct Spear-Phishing Analysis
The article discusses the theft of web browser information through the use of malware, particularly focusing on a PowerShell script associated with the Kimsuky threat group. The analysis highlights the use of obfuscation techniques that make the malware complex and challenging to analyze, especially in the context of advancing AI capabilities.…
Summary: eSentire’s Threat Response Unit (TRU) has identified an advanced KoiLoader malware intrusion attempting to compromise systems through a phishing email. The attack leverages misleading file formats, manipulates PowerShell commands, and employs multiple anti-detection techniques to deploy the Koi Stealer for extensive data theft. KoiLoader exemplifies sophisticated malware engineering, utilizing custom cryptographic channels for Command and Control (C&C) operations.…