Cybercriminals are using Unicode QR codes in a new type of phishing attack that can bypass traditional security measures, putting users at risk of visiting malicious websites and having their data stolen.
CrowdStrike researchers have uncovered the identity of the hacker USDoD, also known as EquationCorp, responsible for multiple high-profile data breaches. According to a report from TecMundo, USDoD is a man named Luan BG from Brazil.
The latest encryptor variant identified by researchers at Cisco Talos appends the file extension ‘blackbytent_h’ to encrypted files. This variant also includes the deployment of four vulnerable drivers, an increase from previous reports.
A new QR code phishing campaign is using Microsoft Sway to steal credentials. The attacks primarily target users in Asia and North America, particularly in the technology, manufacturing, and finance sectors.
The GuidePoint Research and Intelligence Team (GRIT) discovered attacker domain names and IP addresses targeting over 130 US organizations through a campaign that begins by stealing credentials and passcodes using social engineering tactics.
Lumen researchers identified the bug and reported it to Versa in June, with active exploitation by Volt Typhoon observed since at least June. The attackers use a Web shell called VersaMem to capture credentials and monitor system activity.
Israeli cybersecurity firm Check Point Software Technologies has announced the acquisition of threat intelligence company Cyberint, marking its third startup acquisition in a year.
ESET uncovered a new cyber-espionage campaign tied to a South Korean APT group that used a remote code execution (RCE) vulnerability in WPS Office for Windows to deploy a custom backdoor called “SpyGlace.”
CVE-2023-22527 is a critical vulnerability exploited for cryptojacking activities. Attack tactics include shell scripts, XMRig miners, targeting SSH endpoints, and establishing persistence through cron jobs.
This flaw allows attackers to execute remote code without authentication, posing a serious risk. Versions up to 18.12.14 are affected, and organizations are advised to upgrade to version 18.12.15 to mitigate the issue.