VMware, Microsoft warn of widespread Chromeloader malware attacks
Because adware doesn't create notable damage to victims' systems, besides eating up some bandwidth, it is usually a threat that is ignored or downplayed by analysts
Read More...
Emotet botnet now pushes Quantum and BlackCat ransomware
The botnet is now being used to install a Cobalt Strike beacon on infected systems as a second-stage payload
Read More...
Lampion malware returns in phishing attacks abusing WeTransfer
Lampion is an active and stealthy threat, and users should be cautious with unsolicited emails asking them to download files, even from legitimate cloud services.
Read More...
Cybercrime Groups Increasingly Adopting Sliver Command-and-Control Framework
Sliver presents an attractive alternative for threat actors looking for a lesser-known attack toolset with a low barrier for entry
Read More...
Phishing attacks abusing SaaS platforms see a massive 1,100% growth
If a message that makes bold claims or requests urgent action from you lands in your inbox, avoid clicking embedded links or buttons, but instead use a search engine to locate the official site of the potentially spoofed platform.
Read More...
FBI warns of residential proxies used in credential stuffing attacks
Typically, these proxies are made available to cybercriminals by hacking legitimate residential devices such as modems or other IoTs or through malware that converts a home user's computer into a proxy without their knowledge.
Read More...
CISA adds 7 vulnerabilities to list of bugs exploited by hackers
The 'Known Exploited Vulnerabilities Catalog' is a list of vulnerabilities shared by CISA that are known to be actively exploited in cyberattacks and must be patched by the Federal Civilian Executive Branch (FCEB) agencies.
Read More...
Credential Theft Is (Still) A Top Attack Method
The stats don't lie. Cybercriminals are advancing, there's no doubt, but if there's an option to take the path of least resistance, they'll take it. Too often, that means compromising passwords and exploiting vulnerable access points.
Read More...
Conti Cybercrime Cartel Using ‘BazarCall’ Phishing Attacks as Initial Attack Vector
Three different offshoots of the notorious Conti cybercrime cartel have resorted to the technique of call-back phishing as an initial access vector to breach targeted networks.
Read More...
New GwisinLocker ransomware encrypts Windows and Linux ESXi servers
A new ransomware family called 'GwisinLocker' targets South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors, including support for encrypting VMware ESXi servers and virtual machines.
Read More...