New XCSSET Malware Adds New Obfuscation and Persistence Techniques to Infect Xcode Projects | Microsoft Security Blog
A new variant of XCSSET malware has been discovered, which is specifically designed to infect macOS Xcode projects. This sophisticated malware utilizes advanced obfuscation, updated persistence techniques, and novel infection strategies to exfiltrate sensitive information, including digital wallet data. It operates in a stealthy manner, often remaining fileless, which complicates detection and removal efforts.…
Crypto exchange OKX shuts down tool used by North Korean hackers to launder stolen funds
Summary: OKX, a Seychelles-based cryptocurrency exchange, has temporarily suspended its decentralized finance services after detecting attempts by the North Korean Lazarus Group to launder stolen funds. The exchange aims to implement upgrades to prevent future misuse while addressing ongoing scrutiny from regulators regarding its compliance practices.…
StilachiRAT analysis: From system reconnaissance to cryptocurrency theft | Microsoft Security Blog
In November 2024, Microsoft Incident Response uncovered StilachiRAT, a remote access trojan that employs sophisticated evasion techniques and data exfiltration capabilities, targeting sensitive information such as credentials, digital wallet data, and clipboard contents. StilachiRAT establishes command-and-control connectivity with remote servers, and Microsoft has issued guidance to bolster defenses against this growing threat.…
Can TikTok help Frank McCourt reinvent the internet?
Summary: Frank McCourt, primarily known for his real estate success, is now aiming to acquire TikTok and reshape the internet through his Project Liberty initiative. He believes that the current internet landscape is flawed, leading to misinformation and loss of individual data ownership. McCourt’s vision aims to empower users by giving them control over their data and creating a new internet that prioritizes individual rights over corporate interests.…
Microsoft Research Reveals – Phishing Campaign Impersonates Booking(.)com, Delivers a Suite of Credential-Stealing Malware
A phishing campaign identified by Microsoft Threat Intelligence targets the hospitality industry, impersonating Booking.com and utilizing the ClickFix social engineering technique to deliver credential-stealing malware. The campaign, ongoing since December 2024, aims at financial fraud by tricking users into executing malicious commands. Affected: hospitality organizations, Booking.com…
ClickFix Widely Adopted by Cybercriminals, APT Groups
Summary: Since August 2024, state-sponsored hackers and cybercriminals have been using a technique called ClickFix to deploy information stealer malware. This method involves social engineering through malicious JavaScript that manipulates users into executing harmful commands. Group-IB reports an increase in this attack vector, particularly targeting users on various platforms that offer free content or software.…
Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails
Summary: Microsoft has reported an ongoing phishing campaign titled Storm-1865, targeting the hospitality sector by posing as Booking.com to distribute credential-stealing malware through a social engineering technique known as ClickFix. This operation aims to facilitate financial fraud and theft, affecting individuals primarily in North America, Asia, and Europe.…
Investigating Scam Crypto Investment Platforms Using Pyramid Schemes to Defraud Victims
Unit 42 researchers have uncovered a widespread campaign distributing fraudulent cryptocurrency investment platforms through websites and mobile applications. The operation employs deceptive practices, impersonating well-known brands to lure victims, particularly in East Africa and Asia. By leveraging multi-level affiliate programs and unrealistic promises of high returns, the campaign closely resembles Ponzi schemes.…
Ramadan Scams on the Rise: Fake Giveaways, Crypto Traps & Fraudulent Donations | CloudSEK
This report highlights the rise of Ramadan-related cyber scams, particularly targeting charitable contributions and crypto investments. Cybercriminals are exploiting the goodwill associated with Ramadan to spread fraudulent schemes, often using social engineering tactics to deceive victims. Understanding these scams is essential for safeguarding against potential losses.…
The Rise of AI-Driven Cyber Attacks: How LLMs Are Reshaping the Threat Landscape
This article discusses the transformative impact of generative AI on cyberattacks, enhancing their speed and effectiveness, particularly through the use of Large Language Models (LLMs). It highlights how various Advanced Persistent Threat (APT) groups are employing AI for reconnaissance, phishing, vulnerability discovery, and malware development. As AI capabilities advance, cybersecurity professionals face growing challenges in defending against sophisticated AI-driven threats.…
Trump Administration Halts Funding for Two Cybersecurity Efforts, Including One for Elections
Summary: The Trump administration has cut approximately million in federal funding for two critical cybersecurity initiatives aimed at supporting state and local election officials, raising concerns about the security of U.S. elections. This decision follows a broader reduction in federal oversight and support related to election security amid criticism of the Cybersecurity and Infrastructure Security Agency (CISA).…
US Hasn’t Determined Who Was Behind Cyberattack That Caused Outage on Musk’s X
Summary: U.S. officials are investigating a cyberattack on the social media platform X that affected thousands of users, but have not yet identified the perpetrators. Elon Musk, the platform’s owner, suggested that the attack may have links to Ukraine, although cybersecurity experts caution against making assumptions based solely on IP addresses.…
DDoS Strikes X: Cloudflare Saves Platform, Dark Storm Suspected
Summary: X/Twitter experienced multiple outages today due to a DDoS attack perpetrated by the hacker collective Dark Storm. After implementing Cloudflare’s protective measures, the platform resumed normal operations, but the attackers’ identity and motives raise concerns about future cybersecurity threats. Musk speculated that such an organized attack might hint at either professional or state-sponsored involvement.…