Threat Actor: Unknown | Unknown
Victim: Vanguard | Vanguard
Price: $200 (lifetime access)
Exfiltrated Data Type: Not specified
Key Points:
A threat actor is selling a Vanguard bypass on…
Summary: A security researcher discovered a bug that allows anyone to impersonate Microsoft corporate email accounts, potentially enabling phishing attacks.
Threat Actor: N/A
Victim: Microsoft
Key Point:
A bug was…
Summary: A Nigerian national has been convicted of participating in a $1.5 million business email compromise (BEC) scam, using social engineering and malicious software to deceive businesses into sending money …
Summary: Cybersecurity researchers have identified a Chinese threat actor, known as SecShow, that has been conducting Domain Name System (DNS) probing on a global scale since June 2023.
Threat Actor: …
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three known exploited vulnerabilities to its catalog, including an Android Pixel Privilege Escalation Vulnerability, a Microsoft Windows Error Reporting …
Summary: This content discusses the STR RAT, a remote access trojan (RAT) written in Java, its capabilities, and its history of updates.
Threat Actor: STR RAT | STR RAT
Victim: …
This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime.
This blog …
In the ever-evolving cybersecurity landscape, staying informed with the latest statistics and trends is not just beneficial—it’s imperative. The year 2024 is shaping up to be pivotal, with threats becoming …
AhnLab SEcurity intelligence Center (ASEC) has been publishing the Online Scams series to inform the readers about the ever-evolving scams. Prevention and blocking are the two most important measures to …
Summary: This article discusses the cost of a phishing-as-a-service platform and how cybercriminals are targeting European banking clients with this method.
Threat Actor: Cybercriminals | Cybercriminals
Victim: European banking clients …
A global scale domain name system (DNS) probing operation that targets open resolvers has been underway since at least June 2023. We analyzed queries to Infoblox and many other recursive …
This blog is based on collaboration between Infoblox Threat Intel and co-author, Dave Mitchell. The campaign research reported here was completed in January 2024, …
By Ernesto Fernández Provecho · June 3, 2024
Executive summary
During 2023, DarkGate made a comeback with a version full of new features, becoming one of the most preferred Remote …
Resecurity has uncovered a cybercriminal group that is equipping fraudsters with sophisticated phishing kits to target banking customers in the EU. These kits are designed to intercept sensitive information, …
Summary: An extensive security audit of QNAP QTS, the operating system for the company’s NAS products, has uncovered fifteen vulnerabilities, with eleven remaining unfixed.
Threat Actor: WatchTowr Labs | WatchTowr …
Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has released new guidance to help federal civilian agencies meet website encryption requirements and enhance the security of their internal networks by …
No one is safe from scams. In fact, scams targeting corporations and organizations employ meticulously social-engineered attack scenarios. Unlike smishing targeting individuals or online shopping scams, such attacks design tailored …
Summary: This content discusses a phishing campaign that targets business accounts by using email lures and compromising the accounts through a series of steps.
Threat Actor: Unknown | Unknown
Victim: …
ESET researchers discovered two previously unknown backdoors – which we named LunarWeb and LunarMail – compromising a European ministry of foreign affairs (MFA) and its diplomatic missions abroad. We believe …
Summary: This article discusses the ongoing growth of a highly advanced server-side malware campaign known as Ebury, which has expanded to include credit card and cryptocurrency theft.
Threat Actor: Ebury …
Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads …
Last updated at Thu, 16 May 2024 17:38:34 GMT
Executive Summary
Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly …
This article presents a case study on new applications of domain name system (DNS) tunneling we have found in the wild. These techniques expand beyond DNS tunneling only …
Summary: This article discusses the FIDO2 authentication method, its purpose, and how it protects against various attacks. It also explores the vulnerability of FIDO2 to man-in-the-middle attacks and provides mitigation …
Summary: The content discusses the prevalence of the document image-of-image fraud technique in identity document fraud and the dominance of selfie spoofing and impersonations in document-related identity fraud.
Threat Actor: Socure …
Summary: NATO and the European Union condemn cyber espionage operations conducted by the Russia-linked threat actor APT28 against European countries.
Threat Actor: APT28 | APT28
Victim: European countries | European …
With the advancement of scamming technology, determining the authenticity of a site solely based on appearance has become exceedingly difficult. In the past, it was possible to identify fakes by …
Summary: Finland’s Transport and Communications Agency (Traficom) has warned about an ongoing Android malware campaign that targets online bank accounts. Scammers send SMS messages instructing recipients to call a number …
Summary: North Korean threat actors are using weak email policies to impersonate legitimate domains and conduct espionage phishing campaigns, targeting policy analysts and experts in East Asian affairs.
Threat Actor: …
This blog contains an excerpt of our new paper that unveils a previously unpublished multi-year operation using Domain Name System (DNS) queries, open DNS resolvers, and China’s Great Firewall. We …
Written by: Kelli Vanderlee, Jamie Collier
Executive Summary
The election cybersecurity landscape globally is characterized by a diversity of targets, tactics, and threats. Elections attract threat activity from a variety …
Key Points
Escalated tensions between Iran and Israel could give rise to cyber threats. Several advanced persistent threat (APT) groups are involved on both sides: APT34, APT35, and CyberAv3ngers in…
Summary: Cybersecurity researchers have discovered almost 30 phishing websites that are impersonating the electronic toll collection service E-ZPass, following an FBI warning about smishing attacks targeting road toll collection services.…
Password-manager LastPass users were recently targeted by a convincing phishing campaign that used a combination of email, SMS, and voice calls to trick targets into divulging their …
Summary: This blog post discusses a threat actor that used malvertising and DNS tunneling to distribute a backdoor named “MadMxShell” to target IT professionals in the IT security and network …
April 16, 2024
Greg Lesnewich, Crista Giering, and the Proofpoint Threat Research Team
Key takeaways
TA427 regularly engages in benign conversation starter campaigns to establish contact with targets for…
Summary: Microsoft has addressed two zero-day vulnerabilities that threat actors are exploiting to deliver malware.
Threat Actor: Unknown | Unknown
Victim: Microsoft | Microsoft
Key Point:
Microsoft has patched…
Summary: This content provides a list of security vulnerabilities and their severity levels in various Microsoft products and services.
Threat Actor: N/A
Victim: N/A
Key Point:
The content highlights multiple…
Summary: Varonis Threat Labs discovered two techniques in SharePoint that allow users to circumvent audit logs and avoid triggering download events while exfiltrating files. These techniques can bypass traditional security …
On February 21st, 2024, Cofense Intelligence identified an advanced phishing campaign that targeted the Oil and Gas sector to deliver Rhadamanthys Stealer, an advanced information stealer offered as Malware-as-a-Service (MaaS). …
This blog post discusses the IDAT Loader malware and its unique method of retrieving data from PNG files. It also explores the attack chain observed in two separate incidents involving …
Summary: Apple users are being targeted by a campaign that bombards them with phony password reset requests, leading to potential security risks.
Key Point 🚨 – Users are flooded …
Chinese-language Phishing-as-a-Service platform ‘darcula’ targets organizations in 100+ countries with sophisticated techniques using more than 20,000 phishing domains
‘darcula’ [sic] is a new, sophisticated Phishing-as-a-Service (PhaaS) platform used on more …
Summary: The GEOBOX tool on the Dark Web allows hackers to manipulate GPS, simulate networks, mimic Wi-Fi, and evade anti-fraud filters using Raspberry Pi devices.
Key Point: …
Article Summary: 🔍 Discover how cybersecurity researchers uncover vulnerabilities in Zephyr OS, a real-time operating system used in IoT and embedded devices. 🛡️ Learn about the risks of IP address …
A new Denial-of-Service (DoS) attack targets application-layer protocols that draw on the User Datagram Protocol (UDP) for end-to-end communication. ‘Application-layer Loop DoS Attacks’ pair servers of these protocols in such …
An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, execute the malware, and assure its persistence.…
A new denial-of-service attack dubbed ‘Loop DoS’ targeting application layer protocols can pair network services into an indefinite communication loop that creates large volumes of traffic.
Devised by researchers at the CISPA Helmholtz-Center …