Phishers are using a new technique called “file archiver in the browser” to trick victims. They create a phishing landing page that looks like legitimate file archiver software using HTML and CSS. The landing page is hosted on a .ZIP domain, making it appear more legitimate. Victims are redirected to a credential harvesting page when […]
Researchers have found malware on the systems of 3CX, which provides software for VoIP solutions worldwide and fell victim to a supply chain attack. Both macOS and Windows systems of the software supplier turned out to be infected, 3CX said in an update about the attack. How the infections could have occurred has still not […]
Escobar malware steals Google Authenticator multi-factor authentication codes, and this malware is a remake of the Aberebot Android banking trojan. This new version of the Aberebot Android banking trojan has been detected with a name and icon similar to the legitimate anti-virus app McAfee, and it enables its operators to perform the following tasks: Using VNC take […]
Operators of the malware will most probably try and infect as many systems as possible with it — both inside and outside Ukraine — to make their DDoS attacks more powerful. Another indication is a sharp increase in phishing attacks out of Russia over the past 24 hours that already have affected some organizations in […]
20% of America’s largest 100 defense contractors are highly susceptible to a ransomware attack, according to research from Black Kite. Several critical vulnerabilities were detected that contractors should address immediately. Nearly 43% of federal defense contractors have out-of-date systems. 42% of contractors have had at least one compromised credential within the past 90 days.
Microsoft revealed new malware capable of transmitting sensitive information from a compromised AD FS server as well as receiving and executing additional malicious payloads retrieved from a remote attacker-controlled server. This malware can also monitor all incoming HTTP GET and POST requests sent to the server from the intranet (or internet) and intercept HTTP requests […]
A hacker released almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. While many appliances with the exploited Fortinet vulnerability have since been patched, many VPN credentials still seem to be valid. With these VPN credentials, access to a network can be gained to perform data exfiltration, install […]
The US Department of Justice has indicted a man for using a malware botnet to brute-force 2,000 computer logon credentials per week and then selling them on a criminal dark web remote access marketplace.