Tag: tactics

Antidot Malware Attacking Employees Android Devices To Inject Malicious Payloads

Dec 12, 2024 3:05 PM

by

Andy Stern

in SecurityNews

Tags: android, banking, cyber, jobs, malicious, malware, mobile, phishing, social-engineering, tactics

Researchers discovered a new variant of the AntiDot banking trojan targeting Android mobile devices through a mobile-phishing (mishing) campaign, where this variant builds upon the version identified by Cyble in May 2024. The attackers leverage social engineering tactics, posing as recruiters offering job opportunities to lure victims. Once a user clicks on a malicious link…
The imperative for governments to leverage genAI in cyber defense

Dec 11, 2024 10:05 PM

by

Andy Stern

in SecurityNews

Tags: ai, attack, cyber, cyberattack, cybersecurity, dark-web, data, deep-fake, defense, detection, email, endpoint, gartner, government, incident response, infrastructure, intelligence, LLM, malicious, malware, microsoft, strategy, tactics, threat, tool, training, vulnerability

In an era where cyber threats are evolving at an unprecedented pace, the need for robust cyber defense mechanisms has never been more critical. Sixty-two percent of all cyberattacks focus on public sector organizations directly and indirectly. Nation-state actors, equipped with generative artificial intelligence (genAI) sophisticated tools and techniques, pose significant threats to national security,…
Black Basta Ransomware Uses MS Teams, Email Bombing to Spread Malware

Dec 10, 2024 8:08 PM

by

Andy Stern

in SecurityNews

Tags: email, group, infection, malware, ransomware, social-engineering, tactics

The Black Basta ransomware group is using advanced social engineering tactics and a multi-stage infection process to target organizations. First seen on hackread.com Jump to article: hackread.com/black-basta-gang-ms-teams-email-bombing-malware/
Inside the incident: Uncovering an advanced phishing attack

Dec 10, 2024 5:07 PM

by

Andy Stern

in SecurityNews

Tags: access, attack, detection, email, malicious, phishing, tactics, threat

Recently, Varonis investigated a phishing campaign in which a malicious email enabled a threat actor to access the organization. This blog post will reveal the tactics used to avoid detection and share what was discovered during the investigation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/inside-the-incident-uncovering-an-advanced-phishing-attack/
Five Ways Spear Phishing Tactics are Evolving in 2025

Dec 10, 2024 4:07 PM

by

Andy Stern

in SecurityNews

Tags: defense, phishing, spear-phishing, tactics

What type of phishing became very effective around 2010 and still worries security teams today? Spear phishing. Spear phishing remains highly effective and is getting more dangerous by the day. What is spear phishing? What new technologies and methods will attackers use to get around common defenses? How will they become more precise and convincing?……
Webinar Today: Inside a Hacker’s Playbook How Cybercriminals Use Deepfakes

Dec 10, 2024 3:08 PM

by

Andy Stern

in SecurityNews

Tags: business, cybercrime, deep-fake, email, exploit, hacker, social-engineering, tactics, technology

Join the live, eye-opening session that pulls back the curtain on how bad actors exploit social engineering tactics, like deepfake technology and Business Email Compromise (BEC). The post Webinar Today: Inside a Hacker’s Playbook How Cybercriminals Use Deepfakes appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/webinar-today-inside-a-hackers-playbook-how-cybercriminals-use-deepfakes/
APT53 Weaponizing LNK Files To Deploy Malware Into Target Systems

Dec 10, 2024 8:10 AM

by

Andy Stern

in CISO

Tags: apt, attack, cyber, cyberattack, defense, email, government, malicious, malware, phishing, tactics, threat

Gamaredon, a persistent threat actor since 2013, targets the government, defense, diplomacy, and media sectors of their victims, primarily through cyberattacks, to gain sensitive information and disrupt operations. It continues to employ sophisticated tactics, leveraging malicious LNK and XHTML files alongside intricate phishing schemes to carry out cyberattacks. Phishing emails with four distinct attack payloads…
Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering

Dec 9, 2024 8:07 PM

by

Andy Stern

in SecurityNews

Tags: email, qr, ransomware, social-engineering, tactics, threat

The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since early October 2024.”Users within the target environment will be email bombed by the threat actor, which is often achieved by signing up the user’s email…
Exclusive: Feds are probing 764, The Com’s use of cybercriminal tactics to carry out violent crimes

Dec 5, 2024 4:48 PM

by

Andy Stern

in SecurityNews

Tags: crime, crimes, cybercrime, group, intelligence, law, social-engineering, tactics, tool

The child sextortion group 764 and the global collective of loosely associated groups known as “The Com” are using tools and techniques normally used for financially motivated cybercrime tactics, such as SIM swapping, IP grabbing and social engineering, to commit violent crimes, according to exclusive law enforcement and intelligence reports reviewed by CyberScoop. […] First…
No Timeline for Evicting Chinese Hackers from US Networks

Dec 3, 2024 9:48 PM

by

Andy Stern

in SecurityNews

Tags: china, government, hacker, network, tactics, threat

Beijing Threat Actor Shifts Tactics in Response to Public Disclosure. Chinese hackers who penetrated U.S. telecoms likely haven’t been fully evicted partially due to shifting tactics made in response to public disclosures, federal officials said Tuesday. Industry and government investigators have revealed in dribs and drabs a campaign of Beijing telecom hacking. First seen on…
Kimsuky Group Adopts New Phishing Tactics to Target Victims

Dec 3, 2024 5:48 PM

by

Andy Stern

in SecurityNews

Tags: credentials, group, north-korea, phishing, russia, tactics

North Korean Kimsuky group has escalated their phishing campaigns, using Russian domains to steal credentials First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/kimsuky-adopts-new-phishing-tactics/
Apple Faces Privacy Lawsuit: Employee Alleges Invasive Device Monitoring

Dec 3, 2024 2:48 PM

by

Andy Stern

in SecurityNews

Tags: apple, monitoring, privacy, tactics

A current Apple employee has filed a lawsuit against the tech giant, accusing the company of using invasive surveillance tactics on its workers’ personal devices. The Apple lawsuit, filed on Sunday evening in California state court, puts allegations that Apple monitors employees’ private iCloud accounts and non-work-related devices without their consent. First seen on thecyberexpress.com…
ElizaRAT Exploits Google, Telegram, Slack Services For C2 Communications

Dec 3, 2024 9:50 AM

by

Andy Stern

in SecurityNews

Tags: android, attack, communications, cyber, espionage, exploit, google, government, group, india, linux, military, rat, service, tactics, windows

APT36, a Pakistani cyber-espionage group, has recently upgraded its arsenal with ElizaRAT, a sophisticated Windows RAT that, initially detected in 2023, employs advanced evasion tactics and robust C2 capabilities to target Indian government agencies, diplomatic personnel, and military installations. The group leverages multiple platforms, including Windows, Linux, and Android, to broaden its attack surface as…
Signs Point to Foreign Syndicate Fueling BEC Surge From Within U.S. ISPs

Dec 2, 2024 5:48 PM

by

Andy Stern

in SecurityNews

Tags: detection, tactics, threat, tool

By staying informed of these evolving tactics and adopting advanced detection tools, organizations can better protect themselves against the increasingly stealthy and persistent BEC threats affecting businesses worldwide. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/signs-point-to-foreign-syndicate-fueling-bec-surge-from-within-u-s-isps/
AWS launches tools to tackle evolving cloud security threats

Dec 2, 2024 2:28 PM

by

Andy Stern

in SecurityNews

Tags: access, ai, api, attack, cio, ciso, cloud, credentials, cyber, data, detection, exploit, finance, framework, healthcare, incident response, metric, mitre, ml, ransomware, security-incident, service, tactics, theft, threat, tool, update

The increasing sophistication and scale of cyber threats pose a growing challenge for enterprises managing complex cloud environments. Security teams often face overwhelming volumes of alerts, fragmented workflows, and limited tools to identify and respond to attack patterns spanning multiple events.Amazon Web Services (AWS) is addressing these challenges with two significant updates to its cloud…
8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play

Dec 2, 2024 12:28 PM

by

Andy Stern

in SecurityNews

Tags: android, google, malicious, malware, mobile, social-engineering, tactics

Over a dozen malicious Android apps identified on the Google Play Store that have been collectively downloaded over 8 million times contain malware known as SpyLoan, according to new findings from McAfee Labs.”These PUP (potentially unwanted programs) applications use social engineering tactics to trick users into providing sensitive information and granting extra mobile app permissions,…
Crimson Palace geht mit neuen Tools, Taktiken und Zielen in die Offensive

Dec 1, 2024 9:28 PM

by

Andy Stern

in SecurityNews

Tags: sophos, tactics, tool

Sophos hat seinen neuen Report ‘Crimson Palace: New Tools, Tactics, Targets veröffentlicht. Der Report beschreibt die jüngsten Entwicklungen in einer … First seen on news.sophos.com Jump to article: news.sophos.com/de-de/2024/09/17/crimson-palace-geht-mit-neuen-tools-taktiken-und-zielen-in-die-offensive/
Sophos X-Ops veröffentlicht Cyber-Spionage-Report

Dec 1, 2024 4:26 PM

by

Andy Stern

in SecurityNews

Tags: cyber, sophos, tactics, tool

Sophos hat seinen neuen Report ‘Crimson Palace: New Tools, Tactics, Targets veröffentlicht. Report beschreibt die jüngsten Entwicklungen in einer fast… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sophos-x-ops-veroeffentlicht-cyber-spionage-report/a38338/
CISA warns about credential access in FY23 risk vulnerability assessment

Dec 1, 2024 3:26 PM

by

Andy Stern

in SecurityNews

Tags: access, cisa, credentials, risk, tactics, vulnerability

CISA released its Fiscal Year 2023 (FY23) Risk and Vulnerability Assessments (RVA) Analysis, providing a crucial look into the tactics and techniques … First seen on securityintelligence.com Jump to article: securityintelligence.com/news/cisa-warns-about-credential-access-fy23-risk-assessment/
Fake Betting Apps Using AI-Generated Voices to Sensitive Data

Nov 29, 2024 4:28 PM

by

Andy Stern

in SecurityNews

Tags: ai, cybercrime, data, group, scam, tactics

Group-IB has discovered that cybercriminals are using fake betting apps and ads with AI-generated voices to steal personal information and money. Discover the tactics used by scammers and how to avoid falling victim to these fraudulent schemes. First seen on hackread.com Jump to article: hackread.com/fake-betting-apps-ai-generated-voices-steal-data/
Popular game script spoofed to infect thousands of game developers

Nov 29, 2024 1:28 PM

by

Andy Stern

in SecurityNews

Tags: android, antivirus, attack, crypto, github, linux, macOS, malicious, malware, network, open-source, programming, service, software, tactics, vulnerability, windows

A malware loader, now named GodLoader, has been observed to be using Godot, a free and open-source game engine, as its runtime to execute malicious codes and has dropped known malware on at least 17,000 machines.Unaware users of the engine, which helps create 2D and 3D games and deploy them across various platforms including Windows,…
Beyond FUD Links: Rockstar PaaS Kit Exploits Trusted Platforms for Phishing

Nov 29, 2024 5:46 AM

by

Andy Stern

in SecurityNews

Tags: cybersecurity, email, exploit, phishing, service, tactics

The Rockstar Phishing-as-a-Service (PaaS) kit has caught the attention of cybersecurity experts for its advanced and devious tactics to bypass email defenses. In a report from Trustwave SpiderLabs, Rockstar’s arsenal... First seen on securityonline.info Jump to article: securityonline.info/beyond-fud-links-rockstar-paas-kit-exploits-trusted-platforms-for-phishing/
Gaming Engines: An Undetected Playground for Malware Loaders

Nov 27, 2024 3:11 PM

by

Andy Stern

in SecurityNews

Tags: credentials, cybercrime, malicious, malware, ransomware, tactics, theft

ey Points Introduction Cybercriminals constantly try to evolve their tactics and techniques, aiming to increase infections. Their need to stay undetected pushes them to innovate and discover new methods of delivering and executing malicious code, which can result in credentials theft and even ransomware encryption. Check Point Research discovered a new undetected technique that uses…
CISA Details Red Team Assessment Including TTPs Network Defense

Nov 26, 2024 9:11 AM

by

Andy Stern

in SecurityNews

Tags: cisa, cyber, cyberattack, cybersecurity, defense, detection, infrastructure, network, RedTeam, tactics

The Cybersecurity and Infrastructure Security Agency (CISA) recently detailed findings from a Red Team Assessment (RTA) conducted on a critical infrastructure organization in the United States. The assessment, carried out over three months, simulated real-world cyberattacks to evaluate the organization’s cybersecurity defenses, detection capabilities, and response readiness. This comprehensive analysis sheds light on the tactics,…
North Korean and Chinese Threat Actors Target Crypto, Aerospace, and Government Agencies

Nov 26, 2024 8:13 AM

by

Andy Stern

in SecurityNews

Tags: china, crypto, cyber, government, intelligence, korea, microsoft, north-korea, tactics, threat

At CYBERWARCON 2024, Microsoft Threat Intelligence unveiled groundbreaking research on two major nation-state cyber actors: North Korea and China. These revelations provide a closer look at their tactics, techniques, and... First seen on securityonline.info Jump to article: securityonline.info/north-korean-and-chinese-threat-actors-target-crypto-aerospace-and-government-agencies/
Black Basta Ransomware Group Retools for Strategic Attacks

Nov 25, 2024 10:31 PM

by

Andy Stern

in SecurityNews

Tags: attack, group, law, ransomware, russia, social-engineering, tactics

Social Engineering Moves Mirror Nation-State Groups’ Tactics, Researchers Say. The Black Basta ransomware group has been refining its social engineering tactics to amass more victims despite escalating law enforcement disruptions, together with a shift to more strategic, long-term planning that security experts said suggests Russian state ties. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/black-basta-ransomware-group-retools-for-strategic-attacks-a-26898
Wallet Scam: A Case Study in Crypto Drainer Tactics

Nov 25, 2024 2:47 PM

by

Andy Stern

in SecurityNews

Tags: crypto, malicious, scam, tactics, tool

ey takeaways Introduction Crypto drainers are malicious tools that steal digital assets like NFTs, and tokens from cryptocurrency wallets. They often … First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2024/walletconnect-scam-a-case-study-in-crypto-drainer-tactics/
Blov HTML Crypter: Phishing Evasion Through Encryption and Obfuscation

Nov 25, 2024 1:54 PM

by

Andy Stern

in SecurityNews

Tags: cybercrime, detection, encryption, malicious, phishing, tactics, tool

Cybercriminals are sharpening their phishing tactics with tools like Blov HTML Crypter, a utility that modifies HTML files to evade detection by security scanners. By employing techniques such as minification, encryption, and encoding, this tool transforms malicious HTML content into a form that’s harder for security systems to recognize. Contact a SlashNext security expert… First…
North Korea’s Cyber Evolution and China’s Storm-2077 Unveiled by Microsoft Analysts

Nov 25, 2024 7:54 AM

by

Andy Stern

in SecurityNews

Tags: attack, china, cyber, cybersecurity, intelligence, korea, microsoft, north-korea, strategy, tactics, threat

Microsoft Threat Intelligence analysts has shared new insights into North Korean and Chinese threat actors. At the recent CYBERWARCON, cybersecurity analyst shared details into the rise of attacks, the evolution of threat actor tactics, and the strategies employed by various state-backed groups. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/microsoft-insights-on-chinese-threat-actor/
Response to CISA Advisory (AA24-326A): Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization

Nov 23, 2024 7:54 AM

by

Andy Stern

in SecurityNews

Tags: advisory, cisa, cyber, defense, infrastructure, malicious, RedTeam, resilience, tactics

In response to the recently published CISA Advisory (AA24-326A) which highlights the CISA Red Team’s simulation of real-world malicious cyber operations, AttackIQ has provided actionable recommendations to help organizations emulate these attacks. These guidelines enable organizations to emulate tactics and techniques, helping to assess and improve their defenses against similar adversarial behaviors. First seen on…