Beyond the Scanner: How Phishers Outsmart Traditional Detection Mechanisms
The article discusses the evolving tactics used by phishers to evade detection by traditional URL scanning techniques. It highlights various methods, including geo-fenced filtering, user-agent filtering, and parameter-based filtering, that cybercriminals use to keep their phishing attacks active. The CloudSEK XVigil platform plays a crucial role in detecting these sophisticated phishing attempts.…
Malaysia Braces for Cyberattacks During Hari Raya: Cyber999 Issues Warning
Summary: A significant rise in cybersecurity incidents has been reported in Malaysia since early 2025, prompting Cyber999 to issue an advisory for heightened vigilance and preventive measures. The ongoing threats include ransomware, data breaches, and various scams, especially during the festive season. Key recommendations for system administrators, financial institutions, and home users are provided to mitigate these risks.…
Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years
Summary: A major telecommunications company in Asia suffered a breach by Chinese state-sponsored hackers known as Weaver Ant, who maintained a presence in its systems for over four years. The attackers employed advanced techniques, including the use of web shells and a unique tool dubbed INMemory, to facilitate cyber espionage and maintain access to sensitive data.…
Nearly  million stolen from Abracadabra Finance in crypto heist
Summary: Abracadabra Finance suffered a theft of approximately million worth of cryptocurrencies due to a security breach linked to its lending product, “cauldrons.” The company is investigating the incident and collaborating with security firms, while blockchain analytics firm Chainalysis tracks the stolen funds. Additionally, a bug bounty of 20% of the stolen amount has been offered to the hacker.…
New Android malware uses Microsoft’s .NET MAUI to evade detection
Summary: New Android malware campaigns leveraging Microsoft’s .NET MAUI framework have emerged, allowing attackers to disguise malicious apps as legitimate services to evade detection. These tactics, first reported by McAfee, pose a significant security risk, especially as targeting could expand beyond China and India. The use of multi-layered encryption and the unique storage of app logic in binary blob files complicates detection efforts further.…
Fake Hiring Challenge for Developers Steals Sensitive Data
Summary: Cyble threat intelligence researchers have identified a malicious GitHub repository posing as a coding challenge that lures developers into downloading a data-stealing backdoor. Targeting Polish-speaking developers, the campaign employs unique methods including using a social media profile for command and control (C&C) activities and geofencing to limit execution.…
Microsoft Adds Inline Data Protection to Edge for Business to Block GenAI Data Leaks
Summary: Microsoft has introduced a new inline data protection feature for its Edge for Business browser to prevent data leakage into generative AI applications. Additionally, the company announced enhanced security features for Microsoft Teams to combat phishing attacks and protect sensitive communications. Lastly, Microsoft is expanding its Security Copilot with new AI agents to improve threat detection and response.…
Former University of Michigan Football Coach Indicted on Charges of Unauthorized Access and Identity Theft
Summary: Matthew Weiss, former Co-Offensive Coordinator and Quarterbacks Coach at the University of Michigan, has been indicted for unauthorized computer access and aggravated identity theft, affecting over 150,000 athletes. The charges involve illegally accessing sensitive personal data and infiltrating the online accounts of thousands of individuals, including downloading private materials.…
Dragon RaaS: Pro-Russian Hacktivist Group Walks the Razor’s Edge Between Cybercrime and Propaganda
Summary: A new Ransomware-as-a-Service player, Dragon RaaS, combines political hacktivism with opportunistic cybercrime, targeting organizations with weak security. It emerged as a splinter group from the Stormous ransomware gang and is affiliated with various cybercrime syndicates. Dragon RaaS’s operations focus on defacement attacks and ransomware extortion, utilizing a rebranded version of existing ransomware techniques.…
Trump order on information sharing appears to have implications for DOGE and beyond
Summary: President Trump’s new executive order aims to enhance information-sharing across federal and state governments, lifting barriers to data exchange and seeking to eliminate bureaucratic inefficiencies. Critics, including civil libertarians, warn that this could facilitate abuses of civil liberties and lead to extensive surveillance of individuals.…
US Treasury removes sanctions on Tornado Cash after appellate court loss
Summary: Tornado Cash, a cryptocurrency mixer accused of laundering funds for North Korean hackers, has been removed from the U.S. sanctions list following a court ruling that the Treasury Department exceeded its authority. The decision acknowledges complex legal challenges associated with regulating digital assets. Despite the sanctions removal, concerns remain regarding the use of cryptocurrency for cybercrime.…
Former NFL, Michigan Assistant Coach Matt Weiss Charged With Hacking for Athletes’ Intimate Photos
Summary: Former NFL and University of Michigan coach Matt Weiss has been indicted for hacking into the accounts of thousands of college athletes to seek intimate photographs and videos. Weiss faces multiple charges, including unauthorized computer access and identity theft, after accessing sensitive personal information of over 150,000 athletes from various institutions.…
Former Michigan football coach indicted in hacks of athlete databases of more than 100 colleges
Summary: Matthew Weiss, a former University of Michigan assistant football coach, has been charged with hacking into the student athlete databases of over 100 colleges and universities, accessing the personal and medical information of approximately 150,000 individuals. The federal indictment includes multiple counts of unauthorized access to computers and aggravated identity theft.…
Former NFL, Michigan Assistant Coach Matt Weiss Charged With Hacking for Athletes’ Intimate Photos
Summary: Browser security is becoming increasingly critical due to a 140% rise in phishing attacks, primarily fueled by zero-day vulnerabilities and advancements in generative AI used by cybercriminals. As attackers adopt sophisticated techniques akin to professional engineering, the risk of browser-based phishing is expected to escalate dramatically moving into 2025.…
GrassCall Campaign: The Hackers Behind Job Recruitment Cyber Scams
The “GrassCall” malware campaign is an advanced social engineering attack targeting job seekers in the cryptocurrency and Web3 sectors, orchestrated by the Russian cybercriminal organization “Crazy Evil.” Utilizing fake job interviews, the attackers compromise systems to steal cryptocurrency assets, resulting in hundreds of victims. Affected: cryptocurrency sector, job seekers

Key points:

The GrassCall malware campaign is led by the Russian-speaking cyber-criminal organization “Crazy Evil.”…
Fake Cloudflare Verification Results in LummaStealer Trojan Infections
This article describes an ongoing malware campaign utilizing malicious WordPress plugins to spread the LummaStealer trojan. The malware tricks users into running harmful PowerShell commands, thus collecting sensitive data from infected PCs. The campaign exploits fake human verification prompts primarily targeting Windows users. Affected: WordPress websites, Windows operating system users

Key points:

LummaStealer is an infostealer malware designed to collect sensitive data.…