The Russian-linked Gamaredon APT, aka Aqua Blizzard or Primitive, is performing yet another series of phishing attacks against Ukrainian government agencies. As CERT-UA continues to monitor and track the activities of this notorious group, a new fact regarding its data-stealing ability has come to light.
Data associated with a subset of registered customers of VirusTotal, including their names and email addresses, were exposed after an employee inadvertently uploaded the information to the malware scanning platform.
A new cloud credential stealing campaign has been discovered, targeting Azure and Google Cloud Platform (GCP) services. The campaign shares similarities with the TeamTNT cryptojacking group, but experts are not fully confident of their attribution.
Orca Security, which reported the bug to Google, said that attackers could impersonate the accounts and manipulate the build, injecting malicious code or taking other actions.
Tracked as CVE-2023-38203 (CVSS score of 9.8), the flaw is described as “deserialization of untrusted data” in ColdFusion versions 2023, 2021, and 2018. This allows an attacker to use specially crafted data to trigger the execution of arbitrary code.
A new malware, dubbed AVrecon, has been found conducting stealthy attacks against vulnerable Small Office/Home Office (SOHO) routers in an attempt to build an army of botnets. The attacks have been active for more than two years, with the malware infiltrating around 70,000 devices from across 20 countries.
USB drives continue to be a favorite asset of cybercriminals to launch malware. Security researchers at Mandiant reported a three-fold increase in malware attacks via USB drives to steal secrets in the first half of 2023. They have shared details of two such attack campaigns.
An unreported .NET loader referred to as CustomerLoader is being distributed through deceptive phishing emails, YouTube videos, and web pages that mimic genuine websites. This loader possesses the capability to retrieve, decrypt, and execute additional payloads.
A new tactic is gaining popularity among threat actors that involves the use of "zip" domains in phishing campaigns. Fortinet Labs, in this article, explored how threat actors are incorporating zip domains into their arsenals to enhance their phishing efforts.
Facebook and Microsoft’s collective dominance as the most spoofed brands continued into H1 2023, with the former accounting for 18% of all phishing URLs and the latter accounting for 15%, according to Vade.