phishing campaign – Threat Note

From Cyber Security News – Hackers Leveraging DNS MX Records To Dynamically Create Fake Logins Mimic as 100+ Brands

A sophisticated phishing operation has emerged that creatively leverages DNS mail exchange (MX) records to dynamically serve fake login pages tailored to victims’ email providers. The attack can mimic over…

shaikh Saqib March 29, 2025

Articles

From Schneier on Security – Friday Squid Blogging: Squid Werewolf Hacking Group

In another rare squid/cybersecurity intersection, APT37 is also known as “Squid Werewolf.” As usual, you can also use this squid post to talk about the security stories in the news…

Samir K March 29, 2025

Vulnerabilities

From Cybersecurity Help – Cyber Security Week in Review: March 28, 2025

In brief: Google patches a Chrome zero-day bug, MMC zero-day bug linked to EncryptHub attacks, and more. Read More

Samir K March 28, 2025

News

From Cyber Security News – Operation ForumTroll – APT Hackers Exploit Google Chrome Zero-Day To Bypass Sandbox Protections

In mid-March 2025, cybersecurity researchers uncovered “Operation ForumTroll,” targeting Russian media outlets and educational institutions. Victims are infected by clicking phishing links disguised as invitations to the “Primakov Readings” forum,…

shaikh Saqib March 26, 2025

News

From The Hacker News – Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks

Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that it said has been exploited in the wild as part of attacks targeting organizations in Russia. The vulnerability, tracked as CVE-2025-2783, has been described as a case of "incorrect handle provided in unspecified circumstances in Mojo on Windows." Mojo refers to a

shaikh Saqib March 26, 2025

News

From Cyber Security News – Multistage Info Stealer SnakeKeylogger Attacking Individuals and Businesses to Steal Logins

SnakeKeylogger has emerged as a sophisticated credential-stealing malware, targeting both individuals and organizations with its multi-stage infection chain and stealthy in-memory execution techniques. This malware is specifically designed to harvest…

shaikh Saqib March 25, 2025

News

From Cyber Security News – Microsoft Warns of Cyber Attack Mimic Booking .com To Deliver Password Stealing Malware

Microsoft Threat Intelligence has identified an ongoing phishing campaign impersonating Booking.com to deliver credential-stealing malware. The campaign, which began in December 2024, targets hospitality organizations in North America, Oceania, Asia,…

shaikh Saqib March 14, 2025

News

From Security Week – Microsoft Warns of Hospitality Sector Attacks Involving ClickFix

[[{"value":"A cybercrime group named Storm-1865 has targeted hospitality organizations via fake Booking.com emails and the use of social engineering. The post Microsoft Warns of Hospitality Sector Attacks Involving ClickFix appeared…

shaikh Saqib March 13, 2025

Articles

From Schneier on Security – Trojaned AI Tool Leads to Disney Hack

This is a sad story of someone who downloaded a Trojaned AI tool that resulted in hackers taking over his computer and, ultimately, costing him his job. Read More

shaikh Saqib March 4, 2025

News

From The Hacker News – Suspected Iranian Hackers Used Compromised Indian Firm’s Email to Target U.A.E. Aviation Sector

Threat hunters are calling attention to a new highly-targeted phishing campaign that singled out "fewer than five" entities in the United Arab Emirates (U.A.E.) to deliver a previously undocumented Golang backdoor dubbed Sosano. The malicious activity was specifically directed against aviation and satellite communications organizations, according to Proofpoint, which detected it in late October

shaikh Saqib March 4, 2025

News

From Cyber Security News – Microsoft Listed Hackers Abusing Azure OpenAI Service to Generate Malicious Content

Microsoft has initiated legal proceedings against a global cybercrime syndicate accused of developing sophisticated tools to bypass safety protocols in its Azure OpenAI Service. The complaint, filed in the U.S.…

shaikh Saqib March 1, 2025

News

From The Hacker News – 5,000 Phishing PDFs on 260 Domains Distribute Lumma Stealer via Fake CAPTCHAs

Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow's content delivery network (CDN) to deliver the Lumma stealer malware. Netskope Threat Labs said it discovered 260 unique domains hosting 5,000 phishing PDF files that redirect victims to malicious websites. "The attacker uses SEO to trick victims into

shaikh Saqib February 28, 2025

News

From Cyber Security News – Yodobashi Camera Users Under Attack from a New Wave of Phishing Attack

A new wave of phishing attacks impersonating Japanese electronics retail giant Yodobashi Camera has emerged, leveraging urgency and brand trust to steal customer credentials. Cybersecurity firm Symantec reported the campaign,…

shaikh Saqib February 27, 2025

News

From Cyber Security News – Beware of Fake Timesheet Report Email Leading to the Tycoon 2FA Phishing Kit

A new wave of phishing attacks is exploiting fake timesheet report emails to lure victims into the sophisticated Tycoon 2FA phishing kit. This campaign leverages Pinterest Visual Bookmarks as intermediaries,…

shaikh Saqib February 18, 2025

News

From Cyber Security News – Hackers Abusing Microsoft Teams Meeting Invites to Trick Victims for Gaining Access

In a sophisticated cyberattack campaign, a threat actor identified as Storm-2372 has been leveraging Microsoft Teams meeting invites to execute “device code phishing” attacks. This campaign, observed since August 2024,…

shaikh Saqib February 17, 2025