News Blog
[ad_1] Apr 09, 2024NewsroomCyber Espionage / Malware Human rights activists in Morocco and the Western Sahara region are the targets of a new threat actor that leverages phishing attacks to trick victims into installing bogus Android apps and serve credential harvesting pages for Windows users. Cisco Talos is tracking the activity cluster under the name…
[ad_1] Apr 08, 2024NewsroomCybersecurity / Malvertising A new phishing campaign has set its eyes on the Latin American region to deliver malicious payloads to Windows systems. “The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious file download posing as an invoice,” Trustwave SpiderLabs researcher…
[ad_1] Apr 05, 2024NewsroomCyber Espionage / Cybersecurity Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version of an “evolving threat” called JSOutProx. “JSOutProx is a sophisticated attack framework utilizing both JavaScript and .NET,” Resecurity said in a technical report published this week. “It employs…
[ad_1] Apr 02, 2024NewsroomMalvertising / Threat Intelligence The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT. The attacks primarily singled out hotel, travel, trading, financial, manufacturing, industrial, and government verticals in Spain,…
[ad_1] Mar 29, 2024NewsroomSupply Chain Attack / Threat Intelligence The maintainers of the Python Package Index (PyPI) repository briefly suspended new user sign-ups following an influx of malicious projects uploaded as part of a typosquatting campaign. It said “new project creation and new user registration” was temporarily halted to mitigate what it said was a…
[ad_1] Mar 19, 2024NewsroomLinux / Cyber Espionage A new variant of a data wiping malware called AcidRain has been detected in the wild that’s specifically designed for targeting Linux x86 devices. The malware, dubbed AcidPour, is compiled for Linux x86 devices, SentinelOne’s Juan Andres Guerrero-Saade said in a series of posts on X. “The new…
[ad_1] Mar 18, 2024NewsroomCyber Warfare / Malware The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. “The uncovered lures include a mixture of internal and publicly available…
[ad_1] Mar 15, 2024NewsroomMalvertising / Threat Intelligence Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads and bogus links to distribute trojanized versions of the software and ultimately deploy Geacon, a Golang-based implementation of Cobalt Strike. “The malicious site found in the…
[ad_1] Mar 06, 2024NewsroomPrivacy / Spyware The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and five entities associated with the Intellexa Alliance for their role in “developing, operating, and distributing” commercial spyware designed to target government officials, journalists, and policy experts in the country. “The proliferation of commercial spyware…
[ad_1] U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware. “Structured as a ransomware as a service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and county governments, emergency…