Blog


Hackers abuse vanity links to spoof brands and victimise people

Many companies utilise vanity links mostly for their brands’ marketing purposes. However, researchers warned that threat actors had established ways to perform phishing attacks using this tool. Security experts explained that the issue regarding vanity links abuse begins when a cloud service would allow a vanity subdomain of a company but would not verify it or...

WHO impersonated in phishing campaign to spread the Nerbian RAT

Experts have recently found Nerbian RAT, a new remote access trojan with advanced capabilities such as bypassing security detection and analysis by security researchers. Written in the Go programming language, the new trojan is a cross-platform 64-bit threat spread through a small-scale phishing campaign using macro-laced documents. The malware was discovered in a...

Mental health apps identified capitalising on users’ sensitive data

Findings published by Mozilla exposed a worrying lack of security and user privacy in mental health apps found on mobile application stores. These apps are valuable for people undergoing personal distress like anxiety, PTSD, domestic violence, etc. Some religion-themed apps were also found to have similar issues. The study made by Mozilla detailed...

UNC3524 intrigues experts with their advanced obfuscation tactics

A hacking group dubbed UNC3524 is found using thorough strategies in attacking corporate networks to intrude and steal data. According to experts, the threat group remained hidden from its victims for over 18 months while collecting information associated with mergers, acquisitions, and financial transactions. UNC3524 was first detected in December 2019. They utilised a wide array...

Analysts found three cybercriminal sub-groups working for the TA410 gang

Recent research conducted by cybersecurity analysts revealed that the TA410 threat gang controls an operation containing three sub-groups. Although the groups are under the same umbrella, they have different tactics, techniques, and procedures for striking their victims. The three sub-groups working on the TA410 are JollyFrog, FlowingFrog, and LookingFrog. These three groups work separately but are...

Lapsus$ continues to ravage its targets to leave a mark on the dark web

A new report revealed how the Lapsus$ operators deploy their attacks, including some information about the TTPs of the highly unpredictable attacks of the group and an analysis of how they select and target victims. In the last five months, the Lapsus$ group became notorious after successfully breaching big-time firms such as Samsung, Nvidia, Okta, and...

A phishing operator from California scammed the US DoD with $23.5M

A California resident and phishing operator named Sercan Oyuntur has been indicted by the US Department of Justice (DoJ) for his malicious campaigns, which caused the US Department of Defense (DoD) to lose over $23.5 million in damages. The money swindled from the US DoD was meant for funding a jet fuel supplier. However, the phishing operator diverted...

Verified users on Twitter get targeted by email phishing scams

Verified user accounts on Twitter are warned about an ongoing phishing campaign which aims to steal account credentials. Those verified users on Twitter have a blue checkmark or badge beside their names, indicating their status as celebrities, politicians, and other figures representing their distinction. All verified users must submit a list of their information for Twitter...

Black Basta may be connected to the Conti ransomware group

A new ransomware group called Black Basta has infected about a dozen organisations, and some researchers claim that it may have a link to the notorious Conti gang. The appearance of Black Basta was first discovered last month. Researchers also noted that they had already compiled samples regarding the new threat in February. The threat actors...

The GOLD ULRICK group continues to adapt Conti ransomware’s scheme

A newly discovered threat group called GOLD ULRICK continues to adapt and operate the Conti name-and-shame ransomware scheme and adjusted well to the massive data leak of Conti ransomware’s source code. Conti is still actively circulating in the wild based on recent findings despite experiencing enormous data leaks from security researchers. The efforts of many researchers...

Onleihe, an online library application, severely affected by a cyberattack

After a cyberattack targeted their vendor, the library lending app Onleihe announced problems in multiple media formats endorsed on the platform, like audio, video, and e-book files. Onleihe is an application that enables visitors and users to connect to local libraries and borrow e-magazines and audiobooks. The application is utilised by various universities in Europe and...

New malware that exploits the INITECH Process is linked to Lazarus gang

Researchers link the North Korean-sponsored Lazarus group to a new malware that targeted over 40 institutions. The recent attacks in the first months of this year revealed further details regarding the malware attacking organisations by spoofing an executable of INISAFE CrossWeb EX version 3, a security program of INITECH. The threat actors input the malware through...

The Log4j flaw still exposes thousands of devices to cyberattacks

Several months after security analysts found the critical zero-day flaw in the Java logging library Apache Log4j, they disclosed that many servers and applications are still prone to cyberattacks posed by the flaw due to failure to apply proper security patches. The vulnerability tracked as CVE-2021-44228 was first detailed last December, allowing hackers to launch remote...

The global phishing attacks last year have broken previous records

Phishing attacks from last year have broken previous records from the past years. Experts claimed that the emergence of phishing-as-a-service methods and new attack vectors caused this massive upsurge of the attacks. Some researchers also think that the low barrier of entry contributed to the spread of similar attacks. Threat actors take advantage of current trends...

Internet Explorer security flaw gets abused to spread RedLine attacks

New data revealed that threat actors are reutilising the RedLine malware in their cyberattacks against networks from over 150 countries in April this year. In January, researchers first identified a campaign that exploits the CVE-2021-26411 security flaw of the web browser Internet Explorer to spread the malware. RedLine stealer is a password-stealing malware available on underground...

AI-generated images exploited for new scam campaigns

Scammers are becoming more advanced as technology progresses after security researchers discovered that AI-generated images are being used to conduct fraudulent activities. Based on a report, one victim received a suspicious email from an alleged attorney in a Boston law firm. After examining the email’s sender, it turned out that they are non-existent, and the email’s...

Lemon Duck botnet breached Docker servers to launch crypto mining

A massive Monero crypto mining attack using the Lemon Duck botnet has targeted the Docker Application Programming Interface (API) on Linux servers. Researchers said its operators launch the botnet attacks to target misconfigured Docker systems. Based on sample analysis, the threat actors operating the recent Lemon Duck campaign hide their crypto wallets behind proxy pools. Moreover, the...

The latest information about Nokoyawa ransomware gets uncovered

Researchers claimed that the Nokoyawa ransomware showed similarities with the Hive group after noticing resemblances in their tactics, techniques, and procedures (TTPs). However, the researchers have taken a step back and reevaluated some things after separate researchers shared new details and discoveries on the Nokoyawa ransomware. The Nokoyawa showed signs of being Hive related, but...

A third-party AV flaw on VirusTotal triggering RCE exploit gets patched

A security flaw was found within Google’s VirusTotal platform, allowing threat actors to exploit it to accomplish remote code execution or RCE via the unpatched third-party sandboxing machines employing anti-virus applications. The vulnerability was fixed immediately after being discovered. VirusTotal is a malware-scanning platform under Google’s security subsidiary that investigates suspicious links, domains, and files and...

Emotet malware returns to continue its sophisticated attack campaigns

After a year since its shutdown, the Emotet malware operation has resurfaced in the threat landscape to continue its attacks. Security analysts listed the malware as the top malicious tool deployed by its operators, which impacted about 10% of firms worldwide in March of this year. Moreover, the analysts have observed a rapid acceleration of a...