phishing campaigns – Threat Note

From Security Week – Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks

[[{"value":"North Korea’s Lazarus hackers are using the ClickFix technique for malware deployment in fresh attacks targeting the cryptocurrency ecosystem. The post Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks…

shaikh Saqib April 2, 2025

News

From Cyber Security News – DarkCloud – An Advanced Stealer Malware Selling Via Telegram To Steal Data From Windows

DarkCloud is a sophisticated stealer malware that emerged in 2022, quickly positioning itself as one of the most prevalent threats in its category. This Windows-targeting malware has evolved significantly to…

shaikh Saqib March 31, 2025

News

From Security Week – Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe

[[{"value":"The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe. The post Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe appeared first on…

shaikh Saqib March 28, 2025

News

From The Hacker News – PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps

An Android malware family previously observed targeting Indian military personnel has been linked to a new campaign likely aimed at users in Taiwan under the guise of chat apps. "PJobRAT can steal SMS messages, phone contacts, device and app information, documents, and media files from infected Android devices," Sophos security researcher Pankaj Kohli said in a Thursday analysis. PJobRAT, first

shaikh Saqib March 28, 2025

News

From The Hacker News – Hackers Repurpose RansomHub’s EDRKillShifter in Medusa, BianLian, and Play Attacks

A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play. The connection stems from the use of a custom tool that's designed to disable endpoint detection and response (EDR) software on compromised hosts, according to ESET. The EDR killing tool, dubbed EDRKillShifter, was first documented as used by RansomHub actors in

shaikh Saqib March 27, 2025

Vulnerabilities

From Cybersecurity Help – Russian disinformation actors employ new tactics to maintain influence

Rather than immediately deploying newly registered domains, many threat actors now secure domain names months in advance. Read More

shaikh Saqib March 19, 2025

News

From Security Week – 1,600 Victims Hit by South American APT’s Malware

[[{"value":"South American cyberespionage group Blind Eagle has infected over 1,600 organizations in Colombia in a recent campaign. The post 1,600 Victims Hit by South American APT’s Malware appeared first on…

shaikh Saqib March 11, 2025

Vulnerabilities

From Cybersecurity Help – Blind Eagle APT targeting Colombian entities in ongoing espionage campaign

In the recent campaign, the group has been observed exploiting CVE-2024-43451. Read More

shaikh Saqib March 11, 2025

News

From Cyber Security News – Detecting Cyber Attack Patterns by Analyzing Threats Actors Infrastructure

The identification of cyber attack patterns through infrastructure analysis has emerged as a crucial methodology in modern threat intelligence. By examining the digital footprints left by threat actors, security analysts…

shaikh Saqib March 9, 2025

News

From The Hacker News – U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations

The U.S. Department of Justice (DoJ) has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally. The individuals include two officers of the People's Republic of China's (PRC) Ministry of Public Security (MPS), eight employees of an ostensibly private PRC company, Anxun

shaikh Saqib March 6, 2025

News

From The Hacker News – How New AI Agents Will Transform Credential Stuffing Attacks

Credential stuffing attacks had a huge impact in 2024, fueled by a vicious circle of infostealer infections and data breaches. But things could be about to get worse still with Computer-Using Agents, a new kind of AI agent that enables low-cost, low-effort automation of common web tasks — including those frequently performed by attackers. Stolen credentials: The cyber criminal’s weapon of choice

shaikh Saqib March 4, 2025

News

From Cyber Security News – New Vulnerability in Substack let Attackers Take Over Subdomains

A newly disclosed edge case in Substack’s custom domain implementation allows threat actors to hijack inactive subdomains, potentially enabling content spoofing, phishing campaigns, and brand impersonation. The researcher identified 1,426…

shaikh Saqib March 3, 2025

News

From Cyber Security News – BlackBastaGPT – A ChatGPT Powered Tool to Uncover Ransomware Group Tactics

A new AI-powered chatbot, BlackBastaGPT, trained on over 1 million leaked internal messages from the Black Basta ransomware gang. Hudson Rock released the tool just days after the unprecedented data…

shaikh Saqib February 23, 2025

News

From Cyber Security News – China Claim That NSA Allegedly Hacked Northwestern Polytechnical University

Chinese cybersecurity authorities have alleged that the U.S. National Security Agency (NSA) breached Northwestern Polytechnical University (NPU), a leading institution in aerospace and defense research, in a multi-year cyber espionage…

shaikh Saqib February 21, 2025

Vulnerabilities

From Cybersecurity Help – Cyber Security Week in Review: February 14, 2025

In brief: Microsoft patches actively exploited zero-days, Chinese hackers Salt Typhoon exploit Cisco flaws, the US and partners sanction Zservers, and more. Read More

shaikh Saqib February 14, 2025