GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks
A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. "In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC, and …
New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries
Oct 07, 2024 | Ravie Lakshmanan | IoT Security / Botnet
Cybersecurity researchers have discovered a new botnet malware family called Gorilla (aka GorillaBot) that is a variant of the leaked Mirai botnet source code. Cybersecurity firm NSFOCUS, which identified the activity last month, said the botnet "issued over 300,000 attack commands, with a shocking attack density" between …
Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks
Oct 03, 2024 | Ravie Lakshmanan | Mobile Security / Technology
Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular baseband (i.e., modem) refers to a processor on the device that's responsible for handling all connectivity, such as LTE, 4G, and 5G, …
Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets. "Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims' data and then destroy their infrastructure with a wiper to prevent recovery," Kaspersky said in a Friday analysis. "The approach is …
Hacktivists Exploit WinRAR Vulnerability in Attacks Against Russia and Belarus
Sep 03, 2024 | Ravie Lakshmanan | Ransomware / Malware
A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. "Head Mare uses more up-to-date methods for obtaining initial access," Kaspersky said in a Monday analysis of the group's tactics and tools. "For instance, the attackers took advantage of …
New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads
Aug 23, 2024 | Ravie Lakshmanan | Malware / Threat Intelligence
Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders. "This memory-only dropper decrypts and executes a PowerShell-based downloader," Google-owned Mandiant …
New T-Head CPU Bugs Expose Devices to Unrestricted Attacks
Aug 13, 2024 | Ravie Lakshmanan | Vulnerability / Hardware Security
A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head's XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices. The vulnerability has been codenamed …
How Phishing Attacks Adapt Quickly to Capitalize on Current Events
In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to the previous year, according to research from Egress. What's behind the surge in phishing? One popular answer is AI, particularly generative AI, which has made it trivially easy for threat actors to craft content that they can use in phishing campaigns, like …
North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
Jul 25, 2024 | Newsroom | Malware / Cyber Espionage
A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the activity cluster under a new moniker …
GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks
Jul 15, 2024 | Newsroom | Supply Chain Attack / Cyber Threat
Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF) repositories. JFrog, which found the GitHub Personal Access Token, said the …