21 matches found
MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities
In April 2025, Cisco Talos identified a Malware-as-a-Service (MaaS) operation that utilized Amadey to deliver payloads. The MaaS operators used fake GitHub accounts to host payloads, tools and Amadey plug-ins, likely as an attempt to bypass web filtering and for ease of use. Several operator tactics...
Fake Telegram Apps Spread via 607 Domains in New Android Malware Attack
Fake Telegram apps are being spread through 607 malicious domains to deliver Android malware, using blog-style pages and phishing tactics to trick users...
Booking.com reservation abused as cybercriminals steal from travelers
Robert Woodford, a recruitment marketing specialist, recently shared on LinkedIn how he fell victim to a highly sophisticated scam while booking a hotel in Verona through Booking.com, providing a striking example of how attacks on the hospitality industry affect travelers. After completing a...
How 'Browser-in-the-Middle' Attacks Steal Sessions in Seconds
Would you expect an end user to log on to a cybercriminal's computer, open their browser, and type in their usernames and passwords? Hopefully not! But that's essentially what happens if they fall victim to a Browser-in-the-Middle (BitM) attack. Like Man-in-the-Middle (MitM) attacks, BitM sees...
Scammers are using AI to impersonate senior officials, warns FBI
The FBI has issued a warning about an ongoing malicious text and voice messaging campaign that impersonates senior US officials. The targets are predominantly current or former US federal or state government officials and their contacts. In the course of this campaign, the cybercriminals have use...
“Follow me” to this fake crypto exchange to claim $500
A type of crypto scam that we reported about in 2024 has ported over to a new platform and changed tactics—a bit. Where the old scams mostly reached me on WhatsApp, the same group of scammers is now using Direct Messages on X. However, the same old trick of "accidentally" sending you login detail...
Scammers Exploit JFK Files Release with Malware and Phishing
Veriti Research reported a developing cyber threat campaign centred around the declassification and release of the RFK, MLK…
In Gaming Item Scams and How to Avoid Them?
The popularity of the TF2 gaming and trading scene attracts scammers with phishing, fake trades, and malicious tools.…
ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan
The China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations in Japan since June 2024. The aim of the campaign is to deliver backdoors known as NOOPDOOR (aka HiddenFace) and ANEL (aka UPPERCUT), Trend Micro said ...
Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes
Google has revealed that bad actors are leveraging techniques like landing page cloaking to conduct scams by impersonating legitimate sites. "Cloaking is specifically designed to prevent moderation systems and teams from reviewing policy-violating content which enables them to deploy the scam...
Russian Hackers Using Fake Brand Sites to Spread DanaBot and StealC Malware
Cybersecurity researchers have shed light on a sophisticated information stealer campaign that impersonates legitimate brands to distribute malware like DanaBot and StealC. The activity cluster, orchestrated by Russian-speaking cybercriminals and collectively codenamed Tusk, is said to encompass...
AtlasCross Exploits Organizations with DangerAds and AtlasAgent Trojans
A new threat actor by the name of AtlasCross has been identified employing phishing tactics that use Red Cross-themed lures as part of their attack strategy. These phishing campaigns are being used to...
Ducktail Malware Operation Evolves with New Malicious Capabilities
The operators of the Ducktail information stealer have demonstrated a "relentless willingness to persist" and continued to update their malware as part of an ongoing financially driven campaign. "The malware is designed to steal browser cookies and take advantage of authenticated Facebook session...
Facebook users targeted in massive phishing campaign
Facebook is once again the launchpad for a large-scale phishing campaign, according to researchers at PIXM. The campaign, which first shows signs of life back in September 2021, has generated millions of page views and ad referral revenue "estimated to be millions of USD at this scale of...
Airdrop phishing: what is it, and how is my cryptocurrency at risk?
Airdrop phishing is a really popular tactic at the moment. It emerged alongside the explosion of Web3/NFT/cryptocurrency popularity, and ensures scammers get a slice of the money pie. You may well have heard the term in passing, and wondered what an Airdrop is. Is your iPhone about to be Airdrop...
Beware Ukraine-themed fundraising scams
Unfortunately scammers continue to focus on the invasion of Ukraine to make money. A flurry of bogus domains and scam techniques are spreading their wings. They appear to focus on donation fakeouts but there’s a few other nasty surprises lying in wait too. The lowest of the low There are few lowe...
Hackers Exploiting ProxyLogon and ProxyShell Flaws in Spam Campaigns
Threat actors are exploiting ProxyLogon and ProxyShell exploits in unpatched Microsoft Exchange Servers as part of an ongoing spam campaign that leverages stolen email chains to bypass security software and deploy malware on vulnerable systems. The findings come from Trend Micro following an...
16 Cybercriminals Behind Mekotio and Grandoreiro Banking Trojan Arrested in Spain
Spanish law enforcement agencies on Wednesday arrested 16 individuals belonging to a criminal network in connection with operating two banking trojans as part of a social engineering campaign targeting financial institutions in Europe. The arrests were made in Ribeira (A Coruña), Madrid, Parla and...
Taxpayers Targeted With Improved NetWire RAT Variant
A new variant of the NetWire remote access trojan (RAT) is hitching a ride on IRS-themed phishing ploys targeting taxpayers in hopes of snatching victims’ credentials and tax information. The recently uncovered campaign reveals the RAT’s operators swapping up infection tactics to use a legacy...
Office 365 Admins Targeted in Ongoing Phishing Scam
A phishing campaign that uses legitimate organizations’ Office 365 infrastructure to send emails has emerged onto the cyberscam scene. According to Michael Tyler at PhishLabs, cybercriminals are looking to compromise Microsoft Office 365 administrator accounts to send out phishing lures – thus...