Posted inVulnerabilities
From Cybersecurity Help – UAC-0219 targets Ukraine’s government agencies with WRECKSTEEL stealer
This activity has been ongoing since at least the fall of 2024. Read More
Posted inNews
From The Hacker News – Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign
Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information prior to exfiltration.
"This tactic ensures that only valid card data is sent to the attackers, making the operation more efficient and potentially harder to detect," Jscrambler researchers Pedro
.webp)
Posted inNews
From Cyber Security News – New Malware Attacking Android Users Abusing Cross-Platform Framework For Evasion
Cybercriminals have developed sophisticated malware campaigns targeting Android users by exploiting .NET MAUI, a cross-platform development framework, to evade traditional security measures. These threats disguise themselves as legitimate banking and…
Posted inNews
From Cyber Security News – Hackers Exploit Gamma AI to Create Sophisticated Microsoft Themed Phishing Redirectors
Cybercriminals are leveraging Gamma AI, a platform for creating presentations, websites, and documents, to build sophisticated and difficult-to-detect phishing page redirectors. These malicious actors are exploiting Gamma’s advanced capabilities to…
Posted inArticles
From Krebs on Security – Arrests in Tap-to-Pay Scheme Powered by Phishing
Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by…
Posted inNews
From Cyber Security News – Beware of Free File Word To PDF Converter That Delivers Malware
The FBI has issued an urgent warning about the rising threat of malicious file conversion tools that are being used to spread malware across the United States. Cybercriminals are targeting…
Posted inVulnerabilities
From Cybersecurity Help – Black Basta ransomware group expands operations with BRUTED brute-forcing tool
The BRUTED framework employs a multi-step attack process to identify and compromise edge network devices. Read More
Posted inArticles
From Graham Cluley – Free file converter malware scam “rampant” claims FBI
Whether you're downloading a video from YouTube or converting a Word document into a PDF file, there's a chance that you might be unwittingly handing control of your PC straight…
Posted inNews
From Security Week – Trump Coins Used as Lure in Malware Campaign
[[{"value":"Binance is being spoofed in an email campaign using free TRUMP Coins as a lure leading to the installation of the ConnectWise RAT. The post Trump Coins Used as Lure…
Posted inNews
From Dark Reading – GitHub-Hosted Malware Infects 1M Windows Users
Microsoft has identified a complex, malvertising-based attack chain that delivered Lumma and other infostealers to enterprise and consumer PC users; the campaign is unlikely the last of its kind. Read More
Posted inNews
From The Hacker News – SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools
A new mass malware campaign is infecting users with a cryptocurrency miner named SilentCryptoMiner by masquerading it as a tool designed to circumvent internet blocks and restrictions around online services.
Russian cybersecurity company Kaspersky said the activity is part of a larger trend where cybercriminals are increasingly leveraging Windows Packet Divert (WPD) tools to distribute malware
Posted inNews
From Cyber Security News – Two Hackers Arrested for Stealing Taylor Swift Era Concert Tickets Worth $600k
In a sophisticated cybercrime operation targeting high-demand events, two individuals were arrested this week for allegedly orchestrating a $600,000 ticket theft scheme involving Taylor Swift’s Eras Tour and other major…
Posted inNews
From Cyber Security News – Hackers Deliver XWorm via Malicious Registry Files in a New Stegocampaign Attack
Stegoсampaign, a complex attack that leverages phishing, a multi-functional RAT, а loader, and malicious scripts, got a new twist. ANY.RUN’s malware analysts discovered a Stegocampaign variant that uses a Windows…
Posted inNews
From Cyber Security News – US Army Soldier Arrested for Hacking 15 Telecom Carriers
U.S. Army Specialist Cameron John Wagenius, 21, is charged with federal offenses for allegedly hacking at least 15 telecom companies and trying to extort a major provider while leveraging stolen…
.webp)
Posted inNews
From Cyber Security News – Hackers Exploiting Google Tag Manager To Steal Credit Card From eCommerce Sites
Hackers have been exploiting Google Tag Manager (GTM) to steal sensitive credit card information from eCommerce sites, particularly those built on the Magento platform. This sophisticated attack shows the evolving…