11 matches found
APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign
The Russian state-sponsored threat actor known as APT28 has been attributed to what has been described as a "sustained" credential-harvesting campaign targeting users of UKR.net, a webmail and news service popular in Ukraine. The activity, observed by Recorded Future's Insikt Group between June...
QR codes sent in attachments are the new favorite for phishers
Recently we’ve been seeing quite a few phishing campaigns using QR codes in email attachments. The lure and the targets are varied, but the use of a QR code to get someone to visit the phishing site is fast becoming a preferred method for cybercriminals. There are several reasons why cybercrimina...
MoqHao Android Malware Evolves with Auto-Execution Capability
Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user interaction. "Typical MoqHao requires users to install and launch the app to get their desired purpose, but this new variant requires no...
Facad1ng - The Ultimate URL Masking Tool - An Open-Source URL Masking Tool Designed To Help You Hide Phishing URLs And Make Them Look Legit Using Social Engineering Techniques
Facad1ng is an open-source URL masking tool designed to help you Hide Phishing URLs and make them look legit using social engineering techniques. Your phishing link: https://example.com/whatever Give any custom URL: gmail.com Phishing keyword: anything-u-want Output:...
Warning: AI-generated YouTube Video Tutorials Spreading Infostealer Malware
Threat actors have been increasingly observed using AI-generated YouTube Videos to spread a variety of stealer malware such as Raccoon, RedLine, and Vidar. "The videos lure users by pretending to be tutorials on how to download cracked versions of software such as Photoshop, Premiere Pro, Autodes...
Silent Librarian Retools Phishing Emails to Hook Student Credentials
Silent Librarian is targeting university students in full force with a revamped phishing campaign. The threat group, aiming to steal student login credentials, is using new tricks that bring more credibility to its phishing emails and helping it avoid detection. The threat group also known as TA4...
MasterMana botnet hits users by evading detection with URL shorteners
By Waqas Dubbed MasterMana by researchers; the botnet utilizes every available option to target its victims including dropping backdoors and phishing attacks through business email compromise commonly known as BEC. This is a post from HackRead.com Read the original post: MasterMana botnet hits...
Spammers Finding Favor with Google Translate
Some spammers, looking to launder the dirty links they email you, are relying on the positive reputation of Google Translate to redirect victims to rogue websites. Researchers at Barracuda Labs who maintain the company’s spam honeypots have spotted a rash of illicit messages trying to beat...
Spam campaign tricking thousands with shortened .gov URLs
Symantec has reported an increase in spam messages containing .gov URLs. Cybercriminals are using 1.usa.gov links in their spam campaigns to trick users into thinking the links lead to genuine US government Web sites. Spammers have created these shortened URLs through a loophole in the URL...
Analysis Shows Some URL Shorteners Often Point to Untrusted Websites
In an analysis of 1.7 billion shortened URLs, researchers at Web of Trust found that 8.7 percent of TinyURLs and five percent of Bit.ly URLs lead to sites that received poor ratings for ‘trustworthiness’ and ‘child protection.’ “Certainly the URL shortening services don’t intend to point people t...
UPDATE: Twitter Suffers DoS Attack
Twitter was the target of a sustained denial-of-service attack Thursday morning, an attack that took the site offline for several hours. Twitter’s service went down around 9 a.m. EDT and was back up around noon, while Facebook’s site also experienced problems that may have been the result of a Do...