Fake WordPress security advisory pushes backdoor plugin
Upon installation, the plugin creates a hidden admin user named 'wpsecuritypatch' and sends information about the victim to the attackers' command and control server (C2)
Read More...Upon installation, the plugin creates a hidden admin user named 'wpsecuritypatch' and sends information about the victim to the attackers' command and control server (C2)
Read More...After becoming an ALPHV/BlackCat affiliate, Octa Tempest deployed the ransomware both to steal and encrypt victim data
Read More...The malvertizing campaign was created by someone who hacked into the ad account of a legitimate Australian business to create two malicious ads targeting system admins
Read More...In July 2023, Storm-0324 began using phishing lures sent over Teams with malicious links leading to a malicious SharePoint-hosted file
Read More...The harvested data, which could also contain credentials and valuable intellectual property, is ultimately transmitted to the server in the form of a ZIP archive file
Read More...The AMP URLs trigger a redirection to a malicious phishing site, and this additional step also adds an analysis-disrupting layer
Read More...The hacking group has a long history of targeting cryptocurrency companies and cybersecurity researchers for cyberespionage and to steal cryptocurrency
Read More...The feat is possible because the application has client-side protections that can be tricked into treating an external user as an internal one just by changing the ID in the POST request of a message
Read More...The authentic-looking decoy pages function as a reverse proxy to harvest credentials and time-based one-time passwords (TOTPs) entered by the victims
Read More...Users may be manipulated into downloading and executing the malware under the guise of legitimate software
Read More...