Non classé

A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate.
« An attacker used social engineering via a Microsoft Teams call to impersonate a user’s client and gain remote access to their system, » Trend Micro researchers Catherine Loveria, Jovit Samaniego, and Gabriel Nicoleta said.
« The attacker failed to install a

A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate.
« An attacker used social engineering via a Microsoft Teams call to impersonate a user’s client and gain remote access to their system, » Trend Micro researchers Catherine Loveria, Jovit Samaniego, and Gabriel Nicoleta said.
« The attacker failed to install a

A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan.
Cybersecurity company Securonix, which is tracking the activity under the name FLUX#CONSOLE, said it likely starts with a phishing email link or attachment, although it said it couldn’t obtain the original email used to launch the attack.
« One of the

A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan.
Cybersecurity company Securonix, which is tracking the activity under the name FLUX#CONSOLE, said it likely starts with a phishing email link or attachment, although it said it couldn’t obtain the original email used to launch the attack.
« One of the

Even the best companies with the most advanced tools can still get hacked. It’s a frustrating reality: you’ve invested in the right solutions, trained your team, and strengthened your defenses. But breaches still happen.
So, what’s going wrong? The truth is, that attackers are constantly finding new ways to slip through cracks that often go unnoticed—even in well-prepared organizations. The good

Even the best companies with the most advanced tools can still get hacked. It’s a frustrating reality: you’ve invested in the right solutions, trained your team, and strengthened your defenses. But breaches still happen.
So, what’s going wrong? The truth is, that attackers are constantly finding new ways to slip through cracks that often go unnoticed—even in well-prepared organizations. The good

A suspected South Asian cyber espionage threat group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C++-malware families tracked as WmRAT and MiyaRAT.
« The attack chain used alternate data streams in a RAR archive to deliver a shortcut (LNK) file that created a scheduled task on the target machine to pull down further payloads, » Proofpoint

A suspected South Asian cyber espionage threat group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C++-malware families tracked as WmRAT and MiyaRAT.
« The attack chain used alternate data streams in a RAR archive to deliver a shortcut (LNK) file that created a scheduled task on the target machine to pull down further payloads, » Proofpoint

Addressing cyber threats before they have a chance to strike or inflict serious damage is by far the best security approach any company can embrace. Achieving this takes a lot of research and proactive threat hunting. The problem here is that it is easy to get stuck in endless arrays of data and end up with no relevant intel. 
To avoid this, use these five battle-tested techniques that are

Addressing cyber threats before they have a chance to strike or inflict serious damage is by far the best security approach any company can embrace. Achieving this takes a lot of research and proactive threat hunting. The problem here is that it is easy to get stuck in endless arrays of data and end up with no relevant intel. 
To avoid this, use these five battle-tested techniques that are

Bogus software update lures are being used by threat actors to deliver a new stealer malware called CoinLurker.
« Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it a highly effective tool in modern cyber attacks, » Morphisec researcher Nadav Lorber said in a technical report published Monday.
The attacks make use of fake update alerts that employ

Bogus software update lures are being used by threat actors to deliver a new stealer malware called CoinLurker.
« Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it a highly effective tool in modern cyber attacks, » Morphisec researcher Nadav Lorber said in a technical report published Monday.
The attacks make use of fake update alerts that employ

A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022.
« The Mask APT is a legendary threat actor that has been performing highly sophisticated attacks since at least 2007, » Kaspersky researchers Georgy Kucherin and Marc Rivero said in an analysis published last week. « Their targets

A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022.
« The Mask APT is a legendary threat actor that has been performing highly sophisticated attacks since at least 2007, » Kaspersky researchers Georgy Kucherin and Marc Rivero said in an analysis published last week. « Their targets

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The list of flaws is below –

CVE-2024-20767 (CVSS score: 7.4) – Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify restricted

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The list of flaws is below –

CVE-2024-20767 (CVSS score: 7.4) – Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify restricted

Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds.
« Entirely reliant on a single ad network for propagation, this campaign showcases the core mechanisms of malvertising — delivering over

Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds.
« Entirely reliant on a single ad network for propagation, this campaign showcases the core mechanisms of malvertising — delivering over

NoviSpy Spyware Installed on Journalist’s Phone After Unlocking It With Cellebrite Tool

A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy, according to a new report published by Amnesty International.
« NoviSpy allows for capturing sensitive personal data from a target’s phone after infection and provides the ability to turn on the phone’s microphone or camera remotely, » the

A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy, according to a new report published by Amnesty International.
« NoviSpy allows for capturing sensitive personal data from a target’s phone after infection and provides the ability to turn on the phone’s microphone or camera remotely, » the