Modern off-the-shelf phishing kits sold on underground forums contain several sophisticated detection-avoidance and traffic-filtering processes to avoid being marked as threats. Fake websites impersonating renowned brands are created using phishing kits featuring realistic login pages, brand logos, and, in special cases, dynamic web pages.
A new email phishing campaign has been spotted leveraging the tactic of conversation hijacking to deliver the IcedID info-stealing malware onto infected machines by making use of unpatched and publicly-exposed Microsoft Exchange servers.
While organizations have improved their backup strategy, ransomware groups are responding by exfiltrating sensitive data and threatening to expose it. Cybercriminals are still shifting to living-off-the-land attack techniques.
Google is urging users on Windows, macOS, and Linux to update Chrome builds to version 99.0.4844.84, following the discovery of a vulnerability that has an exploit in the wild.
As organizations increase cloud-native adoption, a new Styra report outlines why developers and IT decision-makers need a unified approach to address security and compliance issues.
Operation Dragon Castling is yet another campaign by a Chinese-speaking APT group targeting betting companies in Southeast Asian countries. One of the malicious files used in this campaign is the MulCom backdoor that is believed to be loaded by a malicious file, CorePlugin. The researchers have spotted notable code similarities between the MulCom backdoor and […]
A new variant of PlugX RAT, named Hodur, is being used by Mustang Panda against East and Southeast Asian entities, with a few in Europe and Africa too. Its phishing lures include a regional aid map for a European country, updated COVID-19 travel restrictions, and the Regulations of the European Parliament and of the Council. […]
The U.S. placed internet-security provider AO Kaspersky Lab on a list of companies deemed a threat to national security, for the first time adding a Russian entity to a list dominated by Chinese telecommunications firms.
Taiwanese hardware manufacturer QNAP is facing twin threats. While Deadbolt ransomware actors are targeting users, the vendor has also urged customers to stay vigilant about Dirty Pipe. Around 5,000 QNAP NAS devices, out of 130,000 exposed, were targeted by ransomware. Meanwhile, the Dirty Pipe flaw exists in all major distros and leads to root access for an attacker with local access.
The security flaws were discovered by researcher Jose Bertin in a controller made by Russian company Tekon Avtomatika, which specializes in equipment and software for elevators and other building systems.