Category

Brand Abuse


Hackers Exploited LinkedIn Social Media Phishing Scams Fraud Prevention

Hackers exploited LinkedIn to perform phishing scams

As February began this year, researchers observed a 232% upsurge in email impersonations of LinkedIn, wherein threat actors spoof victims’ display names and use stylised HTML templates to trick people into clicking phishing links and entering their sensitive credentials after being redirected to fraudulent sites. For those who have been using LinkedIn, it has been customary...
Google Drive Attack Vector Malicious Downloads Malware Scripts Cloud Services Brand Abuse

Google Drive has become the most efficient vector for malicious downloads

Recent reports revealed how Google Drive became the function most exploited by threat actors for spreading malicious payloads. Based on data gathered by researchers, about half of all malicious Office documents spread globally were distributed by threat actors using Google Drive. The report's findings are based on a recent study that covers...
LOLBins Hackers Malware Propagation Windows Lazarus MuddyWater APT

LOLBins attract hackers who employ them for malware propagation

Threat actors have found a new favourite channel, LOLBins, to hide malicious activities from security providers and solutions. Living Off the Land Binaries, or LOLBins, can be dangerous and challenging for security detection because they are tools that are trusted by security solutions. Since they are trusted, they tend to bypass AV solutions and security...
Threat Actors SEO Poisoning Campaigns Malware Atera Agent Batloader Search Engines

Threat actors utilise SEO poisoning campaigns to distribute malware

An SEO poisoning campaign has been seen distributing the Atera Agent and Batloader malware, which threat actors initiated to target professionals seeking productivity tools such as TeamViewer, Visual Studio, and Zoom. Experts stated that the threat actors use SEO strategies to poison Google search results, ranking fake sites for the most searched keywords. In this...
3000 QNAP Network Devices DeadBolt Ransomware NAS Network Attached Storage Malware

Over 3,000 QNAP devices affected by the DeadBolt ransomware

Researchers discovered a new ransomware operation called DeadBolt, which has already impacted many QNAP NAS devices by encrypting their data. According to the latest reports, the ransomware has already targeted and affected approximately 3,600 QNAP devices worldwide. The DeadBolt threat actors exploit a zero-day flaw to infect and compromise QNAP devices and encrypt files using their ransomware....
UpdateAgent Hostile Malware Infostealer Mac OS Adware Adload

UpdateAgent has grown into a more hostile malware for macOS users

UpdateAgent, a macOS malware, was discovered to have been propagating for a year. Researchers said that the malware started infecting macOS users a few years ago as a standard infostealer and nothing more. Unfortunately, the malware has been steadily upgraded, as its operators are continuously developing its features. According to researchers, UpdateAgent has new functionalities never...
TrickBot Threat Group Layered Security Hide Itself Malware

The TrickBot group added layered security to effectively hide itself

The TrickBot group has added new features to its obfuscation mechanics to counter security teams’ identification efforts. According to analysts, its operators have applied multiple added layers of obfuscation and protection to their injections, which are then utilised in many online banking frauds. Researchers analysed the most up-to-date anti-analysis features and injections of TrickBot to...
Konni RAT Malware Threat North-Korea Cybersecurity Services MS Office

Konni RAT becomes a more dangerous threat as analysed by experts

Security experts revealed that the North Korea-based threat group Konni RAT has upgraded its techniques and expanded its attack surface to target several political institutions in neighbouring countries like South Korea and Russia. The researchers managed to identify the new tricks of Konni after analysing the newly developed Konni RAT samples. Based on the analysis,...
Cybersecurity Firms Warning Users Log4Shell Log4j Vulnerability Exploit Cyberattacks

Cybersecurity firms continue to warn users against Log4Shell attacks

Several cybersecurity firms continue to raise red flags regarding threat actors who use the critical Log4j flaw – Log4Shell – in their malicious activities. According to the researchers, they have observed several attacks actively exploiting the vulnerability. In the past couple of months, various security firms released advisories regarding threat actors...
Web Archive File Exploited OceanLotus APT32 Malware MHT MHTML

Web archive file exploited by OceanLotus to spread malware

A state-backed cybercriminal group called OceanLotus, also known as APT32, exploits the web archive file format to avoid detection by security solutions while distributing malware to intrude into target devices. A cybersecurity researcher's recent report claims that the state-sponsored hackers are actively utilising the web archive files [.]MHTML and [.]MHT for their campaign....