An unidentified threat actor has been exploiting a now-patched zero-day flaw in Internet Explorer browser to deliver a fully-featured VBA-based remote access trojan (RAT) capable of accessing files stored in compromised Windows systems, and downloading and executing malicious payloads as part of an "unusual" campaign. The backdoor is distributed via a decoy document named … [Read more...] about Hackers Exploit Microsoft Browser Bug to Deploy VBA Malware on Targeted PCs
Hackers
Dutch Police Arrest Two Hackers Tied to “Fraud Family” Cybercrime Ring
Law enforcement authorities in the Netherlands have arrested two alleged individuals belonging to a Dutch cybercriminal collective who were involved in developing, selling, and renting sophisticated phishing frameworks to other threat actors in what's known as a "Fraud-as-a-Service" operation. The apprehended suspects, a 24-year-old software engineer and a 15-year-old boy, are … [Read more...] about Dutch Police Arrest Two Hackers Tied to “Fraud Family” Cybercrime Ring
APT Hackers Distributed Android Trojan via Syrian e-Government Portal
An advanced persistent threat (APT) actor has been tracked in a new campaign deploying Android malware via the Syrian e-Government Web Portal, indicating an upgraded arsenal designed to compromise victims. "To the best of our knowledge, this is the first time that the group has been publicly observed using malicious Android applications as part of its attacks," Trend Micro … [Read more...] about APT Hackers Distributed Android Trojan via Syrian e-Government Portal
Magecart Hackers Hide Stolen Credit Card Data Into Images for Evasive Exfiltration
Cybercrime actors part of the Magecart group have latched on to a new technique of obfuscating the malware code within comment blocks and encoding stolen credit card data into images and other files hosted on the server, once again demonstrating how the attackers are continuously improving their infection chains to escape detection. "One tactic that some Magecart actors employ … [Read more...] about Magecart Hackers Hide Stolen Credit Card Data Into Images for Evasive Exfiltration
SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers
In yet another sign that the Russian hackers who breached SolarWinds network monitoring software to compromise a slew of entities never really went away, Microsoft said the threat actor behind the malicious cyber activities used password spraying and brute-force attacks in an attempt to guess passwords and gain access to its customer accounts. "This recent activity was mostly … [Read more...] about SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers
Microsoft Edge Bug Could’ve Let Hackers Steal Your Secrets for Any Site
Microsoft last week rolled out updates for the Edge browser with fixes for two security issues, one of which concerns a security bypass vulnerability that could be exploited to inject and execute arbitrary code in the context of any website. Tracked as CVE-2021-34506 (CVSS score: 5.4), the weakness stems from a universal cross-site scripting (UXSS) issue that's triggered when … [Read more...] about Microsoft Edge Bug Could’ve Let Hackers Steal Your Secrets for Any Site
Pakistan-linked hackers targeted Indian power company with ReverseRat
A threat actor with suspected ties to Pakistan has been striking government and energy organizations in the South and Central Asia regions to deploy a remote access trojan on compromised Windows systems, according to new research. "Most of the organizations that exhibited signs of compromise were in India, and a small number were in Afghanistan," Lumen's Black Lotus Labs said … [Read more...] about Pakistan-linked hackers targeted Indian power company with ReverseRat
Cyber espionage by Chinese hackers in neighbouring nations is on the rise
A string of cyber espionage campaigns dating all the way back to 2014 and focused on gathering military intelligence from neighbouring countries have been linked to a Chinese military-intelligence apparatus. In a wide-ranging report published by Massachusetts-headquartered Recorded Future this week, the cybersecurity firm's Insikt Group said it identified ties between a group … [Read more...] about Cyber espionage by Chinese hackers in neighbouring nations is on the rise
Molerats Hackers Return With New Attacks Targeting Middle Eastern Governments
A Middle Eastern advanced persistent threat (APT) group has resurfaced after a two-month hiatus to target government institutions in the Middle East and global government entities associated with geopolitics in the region in a rash of new campaigns observed earlier this month. Sunnyvale-based enterprise security firm Proofpoint attributed the activity to a politically motivated … [Read more...] about Molerats Hackers Return With New Attacks Targeting Middle Eastern Governments
Chinese Hackers Believed to be Behind Second Cyberattack on Air India
Even as a massive data breach affecting Air India came to light the previous month, India's flag carrier airline appears to have suffered a separate cyber assault that lasted for a period of at least two months and 26 days, new research has revealed, which attributed the incident with moderate confidence to a Chinese nation-state threat actor called APT41. Group-IB dubbed the … [Read more...] about Chinese Hackers Believed to be Behind Second Cyberattack on Air India