Tag: tactics
-
North Korean IT Worker Schemes Evolve: From Salary Scams to Cyber Extortion
A new report from Secureworks® Counter Threat Unit (CTU) researchers has revealed a disturbing escalation in the tactics used by North Korean government-linked actors who fraudulently secure IT jobs at... First seen on securityonline.info Jump to article: securityonline.info/north-korean-it-worker-schemes-evolve-from-salary-scams-to-cyber-extortion/
-
How DDoS Botnet is used to Infect your Network?
DDoS botnet gained attention a few years ago due to its record-breaking attacks, but the emergence of new threats in 2024 illustrates the evolving tactics of cyber attackers. The cyber threat landscape is in constant flux, with vulnerabilities like Zyxel’s CVE-2023-28771 being exploited and MySQL servers coming under fire from variants like Ddostf and Mirai’s…
-
Beware of Fake AI Scam calls that Takeover your Gmail Account
Scammers use sophisticated AI technology to impersonate tech giants like Google, aiming to take over unsuspecting users’ Gmail accounts. A recent incident highlights these fraudsters’ cunning tactics, underscoring the need for heightened vigilance. The Initial Contact: A Suspicious Notification The trouble began with an unexpected notification. The user received a prompt to approve a Gmail…
-
OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf
The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. “The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities…
-
How Hybrid Password Attacks Work and How to Defend Against Them
Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to amplify their effectiveness. These combined approaches exploit the strengths of various methods, accelerating the password-cracking process. In this post, we’ll explore hybrid attacks, what they are First seen on thehackernews.com Jump…
-
Technical Analysis of DarkVision RAT
Tags: access, antivirus, api, attack, cloud, communications, computer, control, cybercrime, data, detection, encryption, endpoint, infection, injection, malicious, malware, network, open-source, password, powershell, rat, remote-code-execution, startup, tactics, theft, threat, tool, windows
Introduction: DarkVision RAT is a highly customizable remote access trojan (RAT) that first surfaced in 2020, offered on Hack Forums and their website for as little as $60. Written in C/C++ and assembly, DarkVision RAT has gained popularity due to its affordability and extensive feature set, making it accessible even to low-skilled cybercriminals. The RAT’s capabilities…
-
CISA warns about credential access in FY23 risk vulnerability assessment
CISA released its Fiscal Year 2023 (FY23) Risk and Vulnerability Assessments (RVA) Analysis, providing a crucial look into the tactics and techniques threat actors employed to compromise critical infrastructure. The report is part of the agency’s ongoing effort to improve… First seen on securityintelligence.com Jump to article: securityintelligence.com/news/cisa-warns-about-credential-access-fy23-risk-assessment/
-
SHROUDED#SLEEP: APT37’s Advanced Evasion and Persistence Tactics in Southeast Asia
In a recent discovery, the Securonix Threat Research team, led by Den Iuzvyk and Tim Peck, has uncovered a stealthy malware campaign attributed to North Korea’s APT37, also known as... First seen on securityonline.info Jump to article: securityonline.info/shroudedsleep-apt37s-advanced-evasion-and-persistence-tactics-in-southeast-asia/
-
ENISA 2024: Ransomware and AI Are Posing New Cyberthreats
ENISA’s Ifigeneia Lella Shares Highlights of 2024 Threat Landscape Report. While the number of ransomware attacks stayed about the same in the past year, cybercriminals are using more effective tactics such as weaponizing breach disclosure deadlines to extract higher ransoms, according to ENISA’s 2024 Threat Landscape report. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/enisa-2024-ransomware-ai-are-posing-new-cyberthreats-a-26442
-
Cyberattackers Use HR Targets to Lay More_Eggs Backdoor
The FIN6 group is the likely culprit behind a spear-phishing campaign that demonstrates a shift in tactics, from targeting job seekers to going after those who hire. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/attackers-targeting-recruiters-more_eggs-backdoor
-
Magecart Attacks Surge as E-Commerce Security Struggles to Keep Pace
By Source Defense. A new report by Recorded Future’s Insikt Group reveals a concerning rise in Magecart attacks and e-skimming activity targeting online retailers. The research highlights how cybercriminals are evolving their tactics to bypass traditional, rather antiquated client-side security measures such as Content Security Policy (CSP) and compromise e-commerce platforms at an alarming rate.…
-
Why is Chinese threat actor APT 41 in a tearing hurry?
Tags: apt, attack, backdoor, breach, china, control, cyber, data, data-breach, exploit, group, guide, india, infrastructure, intelligence, korea, leak, military, monitoring, network, risk, risk-assessment, soc, strategy, tactics, technology, threat, tool, training
Since June 1st 2024, Chinese frontline threat actor APT 41 has been linked to as many as 63 events globally. These include attacks on Taiwanese research agencies in August and attacks on the shipping and logistics, utilities, media and entertainment, technology, and automobile sectors in countries such as Taiwan, Thailand, Italy, UAE, Spain, the United…
-
Hacktivist Groups Operating Together! Connection Over TTPs Uncovered
Cybersecurity experts have uncovered a significant connection between hacktivist groups BlackJack and Twelve through overlapping tactics, techniques, and procedures (TTPs). This discovery illuminates the sophisticated methods employed by these groups and raises questions about their potential collaboration or shared objectives. The findings reveal shared tools, malware, and similar attack patterns targeting Russian organizations. This article…
-
Storm-0501 Targets Hybrid Clouds with Evolving Ransomware Tactics
In a recent report from Microsoft Threat Intelligence, the cybercriminal group Storm-0501 has been identified as a rising threat, targeting hybrid cloud environments through a series of sophisticated ransomware attacks.... First seen on securityonline.info Jump to article: securityonline.info/storm-0501-targets-hybrid-clouds-with-evolving-ransomware-tactics/
-
Embargo ransomware escalates attacks to cloud environments
Microsoft warns that ransomware threat actor Storm-0501 has recently switched tactics and now targets hybrid cloud environments, expanding its strategy to compromise all victim assets. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/embargo-ransomware-escalates-attacks-to-cloud-environments/
-
Russian Hackers Target Ukrainian Servicemen via Messaging Apps
Russian cyber-attacks on Ukrainian servicemen underscore the escalating use of digital warfare tactics in the ongoing conflict. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-hackers-target-ukrainian/
-
Patchwork APT Group Unleashes Nexe Backdoor: A New Era in Cyber Espionage Tactics
Recent analyses by Cyble Research and Intelligence Labs (CRIL) have brought to light an ongoing cyber campaign orchestrated by the notorious Patchwork APT group. This campaign marks a new evolution in their tactics, leveraging a new backdoor dubbed “Nexe” to effectively evade detection mechanisms and execute sophisticated attacks, particularly against Chinese entities. First seen on…
-
Wallet Scam: A Case Study in Crypto Drainer Tactics
Introduction: Crypto drainers are malicious tools that steal digital assets like NFTs and tokens from cryptocurrency wallets. They often use phishing techniques and leverage smart contracts to enhance their impact. Typically, users are tricked into visiting phishing websites that mimic legitimate cryptocurrency platforms. Drainers then initiate fraudulent transactions and deceive users into signing…
-
WalletConnect Scam: A Case Study in Crypto Drainer Tactics
Introduction: Crypto drainers are malicious tools that steal digital assets like NFTs and tokens from cryptocurrency wallets. They often use phishing techniques and leverage smart contracts to enhance their impact. Typically, users are tricked into visiting phishing websites that mimic legitimate cryptocurrency platforms. Drainers then initiate fraudulent transactions and deceive users into signing…
-
Ransomware Task Force finds 73% attack increase in 2023
The Institute for Security and Technology’s Ransomware Task Force says a shift to big game hunting tactics led to a significant rise in attacks last year. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366611898/Ransomware-Task-Force-finds-73-attack-increase-in-2023
-
Israel’s Pager Attacks and Supply Chain Vulnerabilities
Israel’s brazen attacks on Hezbollah last week, in which hundreds of pagers and two-way radios exploded and killed at least 37 people, graphically illustrated a threat that cybersecurity experts have been warning about for years: Our international supply chains for computerized equipment leave us vulnerable. And we have no good means to defend ourselves. Though…
-
Discover Latest Ransomware Tactics and Zero Trust Strategies in This Expert Webinar
Ransomware is no longer just a threat; it’s an entire industry. Cybercriminals are growing more sophisticated, and their tactics are evolving rapidly. This persistent danger is a major concern for business leaders. But there’s good news: you don’t have to be defenseless. What if you could gain a strategic edge? Join our exclusive webinar, “Unpacking the 2024 Ransomware…
-
MFA bypass becomes a critical security issue as ransomware tactics advance
Ransomware is seen as the biggest cybersecurity threat across every industry, with 75% of organizations affected by ransomware more than once in the past 12 months a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/24/ransomware-session-hijacking-tactics/
-
Russian hackers have shifted tactics in third year of war, Ukraine cyber agency says
First seen on therecord.media Jump to article: therecord.media/russian-hackers-shifting-tactics-ukraine
-
Cybersecurity Snapshot: Critical Infrastructure Orgs Found Vulnerable to Basic Hacks, While New MITRE Tool Uses ML to Predict Attack Chains
Tags: access, advisory, apache, attack, authentication, botnet, business, cctv, ceo, china, cisa, cloud, computer, control, credentials, cyber, cyberattack, cybersecurity, data, defense, detection, firmware, framework, github, google, government, group, guide, hacker, identity, infrastructure, intelligence, international, Internet, iot, least-privilege, linkedin, linux, login, malicious, malware, mfa, microsoft, mitigation, mitre, ml, mobile, network, nist, office, password, phishing, risk, risk-management, router, service, software, supply-chain, tactics, technology, threat, tool, vulnerability, vulnerability-management, windows, xss
Report finds that many critical infrastructure networks can be breached using simple attacks. Plus, a new MITRE Engenuity tool uses machine learning to infer attack sequences. Meanwhile, CISA will lead a project to standardize civilian agencies’ cyber operations. And get the latest on XSS vulnerabilities, CIS Benchmarks and a China-backed botnet’s takedown! Dive into six…
-
Threat Actors Exploit HR-Related Phishing Tactics in Sophisticated Credential-Stealing Campaigns
Phishing attacks continue to evolve in complexity, and the latest report from the Cofense Phishing Defense Center highlights a troubling trend: cybercriminals are increasingly using HR-related phishing tactics to trick... First seen on securityonline.info Jump to article: securityonline.info/threat-actors-exploit-hr-related-phishing-tactics-in-sophisticated-credential-stealing-campaigns/
-
ENISA Warns About Hacktivist, Ransomware Crossover
Hacktivists Are Likely to Increasingly Adopt Cybercrime Tactics, Report Says. Ransomware hacks and self-declared hacktivist denial-of-service attacks were the most prolific threat to European Union members over the 12-month period ending in June, the EU cyber agency warned, adding that the nexus between nation-state hackers and hacktivist groups poses an emerging threat. First seen on…