49 matches found
Fake Microsoft Teams Billing Phishing Alerts Reach 6,135 Users via 12,866 Emails
Scammers are abusing Microsoft Teams invitations to send fake billing notices, with 12,866 emails reaching around 6,135 users in a phone-based phishing campaign...
ValleyRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading
Job seekers looking out for opportunities might instead find their personal devices compromised, as a ValleyRAT campaign propagated through email leverages Foxit PDF Reader for concealment and DLL side-loading for initial entry...
PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks
A financially motivated threat actor has been linked to an ongoing phishing email campaign that has been ongoing since at least July 2024 specifically targeting users in Poland and Germany. The attacks have led to the deployment of various payloads, such as Agent Tesla, Snake Keylogger, and a...
CVE-2024-22638
liveSite v2019.1 was discovered to contain a remote code execution RCE vulenrabiity via the component /livesite/editdesignerregion.php or /livesite/addemailcampaign.php...
CVE-2024-22638
liveSite v2019.1 was discovered to contain a remote code execution RCE vulenrabiity via the component /livesite/editdesignerregion.php or /livesite/addemailcampaign.php...
PT-2024-19514 · Livesite · Livesite
Name of the Vulnerable Software and Affected Versions: liveSite version 2019.1 Description: The issue is related to a remote code execution RCE via the components "/livesite/edit designer region.php" or "/livesite/add email campaign.php". Recommendations: For liveSite version 2019.1, at the momen...
Decoding MrAnon Stealer’s Plot through Deceptive Emails
Summary: A phishing email campaign employs misleading booking details to lure victims, aiming to deploy a Python-based information stealer known as MrAnon Stealer. This malicious software is designed to pilfer victims credentials, system details, browser sessions, and cryptocurrency extensions...
Old Loader, New Threat: Exploring XWorm RAT's Distribution and Tactics
Old Loader, New Threat: Exploring XWorm RAT's Distribution and Tactics By Pratik Pachpor and Adarsh S · July 31, 2023 Executive Summary: In March-April 2023, we detected a malicious email campaign delivering .Net based XWorm RAT in which embedded blogspot.com URLs were used as an entry point. Thi...
Google Uncovers APT41's Use of Open Source GC2 Tool to Target Media and Job Sites
A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control GC2 amid broader abuse of Google's infrastructure for malicious ends. The tech giant's Threat Analysis Group TAG attributed the campaign to ...
Mass email campaign with a pinch of targeted spam
Most mass malicious mailing campaigns are very primitive and hardly diverse, with the content limited to several sentences offering the user to download archives that supposedly contain some urgent bills or unpaid fines. The email messages may contain no signatures or logos, with typos and other...
New Backdoor Targets French Entities via Open-Source Package Installer
Researchers have exposed a new targeted email campaign aimed at French entities in the construction, real estate, and government sectors that leverages the Chocolatey Windows package manager to deliver a backdoor called Serpent on compromised systems. Enterprise security firm Proofpoint attribute...
Emotet Now Spreading Through Malicious Excel Files
The infamous Emotet malware has switched tactics yet again, in an email campaign propagating through malicious Excel files, researchers have found. Researchers at Palo Alto Networks Unit 42 have observed a new infection approach for the high-volume malware, which is known to modify and change its...
Unpatched Microsoft Exchange Servers abused in new phishing campaign
By Waqas The noteworthy aspect of this phishing campaign is that the emails were sent as replies to previously sent messages, due to which these appeared legit. This is a post from HackRead.com Read the original post: Unpatched Microsoft Exchange Servers abused in new phishing campaign...
Hackers Using Squirrelwaffle Loader to Deploy Qakbot and Cobalt Strike
A new spam email campaign has emerged as a conduit for a previously undocumented malware loader that enables the attackers to gain an initial foothold into enterprise networks and drop malicious payloads on compromised systems. "These infections are also used to facilitate the delivery of...
A New Variant of FlawedGrace Spreading Through Mass Email Campaigns
Cybersecurity researchers on Tuesday took the wraps off a mass volume email attack staged by a prolific cybercriminal gang affecting a wide range of industries, with one of its region-specific operations notably targeting Germany and Austria. Enterprise security firm Proofpoint tied the malware...
Email claiming Kaseya patch drops Cobalt Strike malware
By Sudais Asif The malicious email campaign is claiming to contain a patch for the Kaseya vulnerability but in fact, it is the infamous Cobalt Strike malware. This is a post from HackRead.com Read the original post: Email claiming Kaseya patch drops Cobalt Strike malware...
Faux ‘DarkSide’ Gang Takes Aim at Global Energy, Food Sectors
Several organizations in the oil, gas and food sectors have received threatening emails from cybercriminals posing as DarkSide – the ransomware gang behind the Colonial Pipeline hack. According to researchers at Trend Micro, threat actors are taking advantage of the notoriety around the pipeline...
Nobelium Phishing Campaign Poses as USAID
The cybercriminal group behind the notorious SolarWinds attack is at it again with a sophisticated mass email campaign aimed at delivering malicious URLs with payloads enabling network persistence so the actors can conduct further nefarious activities. Microsoft Threat Intelligence Center MSTIC...
Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware
Microsoft on Thursday warned of a "massive email campaign" that's pushing a Java-based STRRAT malware to steal confidential data from infected systems while disguising itself as a ransomware infection. "This RAT is infamous for its ransomware-like behavior of appending the file name extension...
Researchers Spotted Malware Written in Nim Programming Language
Cybersecurity researchers have unwrapped an "interesting email campaign" undertaken by a threat actor that has taken to distributing a new malware written in Nim programming language. Dubbed "NimzaLoader" by Proofpoint researchers, the development marks one of the rare instances of Nim malware...