Tag: tactics
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 40
by
in SecurityNewsSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure Unboxing Anubis: Exploring the Stealthy Tactics of FIN7’s Latest Backdoor Advancements in delivery: Scripting with Nietzsche Analyzing New HijackLoader Evasion Tactics Malicious Python…
-
Cyber agencies urge organizations to collaborate to stop fast flux DNS attacks
by
in SecurityNewsHow to mitigate DNS attacks: Fast flux is one of many types of DNS attack. But there are tactics organizations can use to mitigate them.In the case of fast flux, the report recommends that:defenders should use cybersecurity and PDNS services that detect and block fast flux. “By leveraging providers that detect fast flux and implement…
-
Attackers Abuse Remote Desktop Protocol, Microsoft Binaries
by
in SecurityNewsInvestigators See Ongoing Use of Living-Off-the-Land Binaries, Frequent RDP Abuse. Incident responders studying last year’s top attacker tools, tactics and procedures have urged cyber defenders to monitor for the unusual use of legitimate administrator tools, suspicious use of Remote Desktop Protocol, as well as attempts by attackers to hide their tracks by wiping logs. First…
-
PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack
by
in SecurityNewsA sophisticated phishing campaign, dubbed >>PoisonSeed,
-
New Android Spyware Tricks Users by Demanding Passwords for Uninstallation
A newly identified Android spyware app is elevating its tactics to remain hidden and unremovable by leveraging a password prompt for uninstallation. This unsettling feature effectively blocks users from removing the app unless the correct password”, set by the person who installed the spyware”, is entered. How the Spyware Works The spyware, which TechCrunch decided…
-
Hunters International shifting tactics amid growing risks
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/hunters-international-shifting-tactics-amid-growing-risks
-
Cryptohack Roundup: Q1 Sees Record Hacks
by
in SecurityNewsAlso: SEC Drops Kraken, Consensys and Cumberland DRW Lawsuits. This week, hack stats, Hamas crypto funds seizure, conclusion of Kraken, Consensys and Cumberland DRW lawsuits, Kentucky dropped its Coinbase suit, Trump pardoned BitMex co-founders, Lazarus’s new tactics, and Crocodilus malware’s crypto targets. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-q1-sees-record-hacks-a-27916
-
AI Threats Are Evolving Fast, Learn Practical Defense Tactics in this Expert Webinar
by
in SecurityNewsThe rules have changed. Again. Artificial intelligence is bringing powerful new tools to businesses. But it’s also giving cybercriminals smarter ways to attack. They’re moving quicker, targeting more precisely, and slipping past old defenses without being noticed.And here’s the harsh truth: If your security strategy hasn’t evolved with AI in mind, you’re already behind.But you’re…
-
Crimelords at Hunters International tell lackeys ransomware too ‘risky’
by
in SecurityNewsBosses say theft now the name of the game with a shift in tactics, apparent branding First seen on theregister.com Jump to article: www.theregister.com/2025/04/02/hunters_international_rebrand/
-
Emulating the Sophisticated Russian Adversary Seashell Blizzard
by
in SecurityNewsAttackIQ has released a new assessment template that emulates the various post-compromise Tactics, Techniques, and Procedures (TTPs) associated with the sabotage-motivated Russian adversary Seashell Blizzard. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/emulating-the-sophisticated-russian-adversary-seashell-blizzard/
-
SmokeLoader Malware Uses Weaponized 7z Archives to Deliver Infostealers
by
in SecurityNewsA recent malware campaign has been observed targeting the First Ukrainian International Bank (PUMB), utilizing a stealthy malware loader, Emmenhtal, in conjunction with the SmokeLoader malware. This campaign demonstrates advanced tactics by financially motivated threat actors to distribute infostealers like CryptBot and Lumma Stealer. The attack chain begins with weaponized 7z archives and culminates in…
-
Hackers Exploit Cloudflare for Advanced Phishing Attacks
by
in SecurityNewsA sophisticated phishing campaign orchestrated by a Russian-speaking threat actor has been uncovered, revealing the abuse of Cloudflare services and Telegram for malicious purposes. Researchers at Hunt.io have identified this new wave of attacks, which employs Cloudflare-branded phishing pages and advanced tactics to evade detection. The campaign utilizes Cloudflare’s Pages.dev and Workers.dev platforms typically used…
-
Threat-informed defense for operational technology: Moving from information to action
by
in SecurityNews
Tags: access, ai, attack, automation, blueteam, cloud, control, crime, cyber, cyberattack, cybercrime, cybersecurity, data, defense, detection, exploit, finance, fortinet, framework, group, incident response, infrastructure, intelligence, law, malicious, malware, mitre, network, phishing, PurpleTeam, ransomware, RedTeam, resilience, risk, service, soar, strategy, tactics, technology, threat, tool, usaThe rise of cybercrime-as-a-service Today’s macro threat landscape is a flourishing ecosystem of cybercrime facilitated by crime-as-a-service (CaaS) models. Cybercriminal networks now operate like legitimate businesses, with specialized units dedicated to activities such as money laundering, malware development, and spear phishing. This ecosystem lowers the barrier to entry for cybercrime, enabling low-skilled adversaries to launch…
-
North Korea IT Workers Expand Their Employment Across Europe To Infiltrate the Company Networks
by
in SecurityNewsNorth Korean IT workers have intensified their global operations, expanding their employment footprint across Europe to infiltrate corporate networks and generate revenue for the regime. According to the latest report by Google Threat Intelligence Group (GTIG), these workers pose as legitimate remote employees, leveraging advanced technical skills and deceptive tactics to gain access to sensitive…
-
Gootloader Malware Spreads via Google Ads with Weaponized Documents
The notorious Gootloader malware has resurfaced with a new campaign that combines old tactics with modern delivery methods. This latest iteration leverages Google Ads to target users searching for legal document templates, such as non-disclosure agreements (NDAs) or lease agreements. The campaign exemplifies the evolving strategies of threat actors who exploit trust in legitimate platforms…
-
Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks
by
in SecurityNewsNorth Korea’s Lazarus hackers are using the ClickFix technique for malware deployment in fresh attacks targeting the cryptocurrency ecosystem. The post Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/lazarus-uses-clickfix-tactics-in-fake-cryptocurrency-job-attacks/
-
Hackers Exploit Microsoft Teams Messages to Deliver Malware
by
in SecurityNews
Tags: attack, corporate, credentials, cyber, cybersecurity, defense, exploit, hacker, malicious, malware, microsoft, powershell, tactics, vulnerabilityCybersecurity experts have uncovered a new malware campaign targeting Microsoft Teams users to infiltrate corporate systems. By exploiting the platform’s communication vulnerabilities and leveraging malicious PowerShell scripts, attackers bypassed traditional defenses, delivering malware capable of stealing credentials and establishing persistent backdoors. The attack demonstrates an alarming evolution in malware delivery tactics through trusted collaboration platforms.…
-
KoiLoader Exploits PowerShell Scripts to Drop Malicious Payloads
by
in SecurityNewsCybersecurity experts at eSentire’s Threat Response Unit (TRU) uncovered a sophisticated malware campaign leveraging KoiLoader, a malicious loader designed to deploy information-stealing payloads. This campaign utilized PowerShell scripts and obfuscation techniques to bypass security measures and infect systems. The investigation revealed a multi-stage infection chain, highlighting the evolving tactics of cybercriminals. Infection Chain and Delivery…
-
Morphing Meerkat’s Phishing Tactics: Abusing DNS MX Records
by
in SecurityNewsA recent report has uncovered a sophisticated phishing operation that uses DNS techniques to tailor content to victims. First seen on securityonline.info Jump to article: securityonline.info/morphing-meerkats-phishing-tactics-abusing-dns-mx-records/
-
Generative AI Is reshaping financial fraud. Can security keep up?
In this Help Net Security interview, Yinglian Xie, CEO at DataVisor, explains how evolving fraud tactics require adaptive, AI-driven prevention strategies. With fraudsters … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/01/yinglian-xie-datavisor-fraud-prevention-strategies/
-
Scammers Target Netflix Users: Expert Issues Urgent Warning
by
in SecurityNewsStreaming giant Netflix is at the center of a rising wave of online scams, cybersecurity experts warn. Fraudsters use increasingly sophisticated tactics, from fake texts to deceptive emails and websites, to steal Netflix users’ personal and financial information. With over 230 million subscribers worldwide, Netflix has become one of the most impersonated brands […] First…
-
Hacker Tactics: Exploiting Edge Devices, Missing Multifactor
by
in SecurityNews70% of Ransomware Incidents Trace to Attackers Simply Logging In, Researchers Warn. Hackers may have a reputation for wizardry, but researchers say two of their top tactics are entirely prosaic: exploiting known vulnerabilities in outdated networking gear to gain initial access, as well as using valid – albeit stolen – employee credentials and just logging…
-
North Korean hackers adopt ClickFix attacks to target crypto firms
by
in SecurityNewsThe notorious North Korean Lazarus hacking group has reportedly adopted ‘ClickFix’ tactics to deploy malware targeting job seekers in the cryptocurrency industry, particularly centralized finance (CeFi). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-adopt-clickfix-attacks-to-target-crypto-firms/
-
âš¡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More
by
in SecurityNewsEvery week, someone somewhere slips up”, and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks?Step behind the curtain with us this week as we explore breaches…
-
âš¡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More
by
in SecurityNewsEvery week, someone somewhere slips up”, and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks?Step behind the curtain with us this week as we explore breaches…
-
Gamaredon Hackers Weaponize LNK Files to Deliver Remcos Backdoor
by
in SecurityNewsCisco Talos has uncovered an ongoing cyber campaign by the Gamaredon threat actor group, targeting Ukrainian users with malicious LNK files to deliver the Remcos backdoor. Active since at least November 2024, this campaign employs spear-phishing tactics, leveraging themes related to the Ukraine conflict to lure victims into executing the malicious files. The LNK files,…
-
Top 5 Web Application Penetration Testing Companies UK
by
in SecurityNewsWeb Application Penetration Testing (WAPT) is a methodical approach to security that involves ethical hackers simulating real-world cyber-attacks on your web application to uncover vulnerabilities. By mimicking the tactics of cybercriminals, these professionals can identify weaknesses before malicious actors can exploit them. This proactive process allows businesses to address security flaws early and maintain a…