Ransomware groups test new business models to hit more victims, increase profits
Summary: Research indicates that operators of DragonForce and Anubis ransomware-as-a-service are evolving their business models to attract more affiliates, akin to strategies used in legitimate businesses. By adopting new collaborative frameworks and monetization methods, they aim to increase their market share, but these developments come with shared risks among affiliates.…
Phishing detection is broken: Why most attacks feel like a zero day
Summary: Phishing attacks have evolved significantly, making traditional detection methods inadequate, as they rely on indicators that occur post-attack. Attackers are using dynamic and novel strategies that evade conventional blocklists and detection mechanisms, resulting in a system that is often reactive rather than proactive. The future of phishing detection lies in real-time observation directly within user browsers to effectively stop attacks as they happen.…
Three Reasons Why the Browser is Best for Stopping Phishing Attacks
Summary: Phishing attacks have escalated in 2025, largely due to attackers’ increased reliance on identity-based techniques and stolen credentials. Traditional email and network-based security controls are struggling to keep up with the sophisticated evasion tactics employed by attackers. A browser-based detection and response approach is proposed as a more effective means to intercept and mitigate phishing threats in real-time.…
CoinLurker: The Stealer Powering the Next Generation of Fake Updates
The article discusses the evolution of fake update campaigns led by the sophisticated malware CoinLurker, which utilizes advanced techniques to exfiltrate sensitive data while bypassing security measures. CoinLurker employs obfuscation and stealth to evade detection and primarily targets cryptocurrency-related information. Affected: users of cryptocurrency wallets, cybersecurity sector

Keypoints:

CoinLurker, written in Go, is designed to evade detection while stealing data.…
Hackers abuse Zoom remote control feature for crypto-theft attacks
Summary: A hacking group called ‘Elusive Comet’ targets cryptocurrency users through social engineering attacks that exploit Zoom’s remote control feature. They use fake accounts to invite high-value targets to a fraudulent interview, leading victims to unknowingly grant remote control access to their machines. This attack methodology is similar to the .5 billion Bybit breach, with the perpetrators employing deceptive tactics that take advantage of users’ familiarity with Zoom prompts.…

Summary: The video discusses the benefits of NoSQL databases in handling unstructured and semi-structured data, emphasizing their flexibility for modern applications. It provides insights into how NoSQL can enhance efficiency in various scenarios, such as product catalogs, sensor data management, and social media posts. By the end of the video, viewers will understand how to apply NoSQL effectively in their workloads.…

Summary: The video discusses operational security (OPSEC) and privacy, featuring Mitch Cohen from flare.io. The discussion encompasses the importance of maintaining privacy in the digital age, potential threats to individuals, and practical tips on enhancing operational security.

Keypoints:

The video highlights the significance of operational security in protecting one’s personal information and privacy.…
North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature
Summary: North Korean hackers are exploiting Zoom’s Remote Control feature to install malware on the devices of cryptocurrency investors by masquerading as legitimate business contacts. This attack utilizes social engineering tactics, making targets inadvertently grant remote access during what appears to be legitimate meetings. The malware deployed can exfiltrate sensitive information, resulting in significant financial losses.…
Lumma Stealer – Tracking distribution channels
The article discusses the rise of Lumma Stealer, a sophisticated type of Malware-as-a-Service (MaaS) that has emerged as a major threat to both individuals and organizations. Exploiting various distribution methods, particularly through fake CAPTCHA pages, Lumma Stealer successfully deceives users into executing malicious commands. Its intricate infection methods, including DLL sideloading and payload injection, enhance its ability to evade security detection.…
⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More
Summary: Recent cyber activity highlights the subtle ways attackers gain access to systems, often exploiting overlooked vulnerabilities and misconfigurations. Major findings include active exploitation of a Windows flaw and a phishing campaign targeting crypto developers. Organizations need to be vigilant against these evolving threats and ensure prompt patching of vulnerabilities.…
The JUICYJAM operation is a state-sponsored social media harassment and doxxing campaign actively targeting Thailand’s pro-democracy movement since August 2020. Utilizing a fabricated persona to conduct online harassment, the campaign has resulted in ongoing intimidation, surveillance, and repression of dissenting voices, as evidenced by leaked documents linking its orchestration to the Royal Thai Armed Forces and Royal Thai Police.…
Summary: A critical SSH vulnerability in Erlang/OTP, tracked as CVE-2025-32433, allows unauthenticated attackers to execute remote code on affected devices. This flaw is particularly concerning due to the prevalence of Erlang/OTP in telecom infrastructure and databases, with public exploits already available. Immediate upgrades to versions 25.3.2.10 and 26.2.4 are urged to mitigate the risks posed by this vulnerability.…