FreshRSS

🔒
△ 🔃
☐ ☆ ✇ The Hacker News

Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan

By THN — August 1st 2023 at 04:20
Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader with an ultimate aim to install a banking trojan, stealer, and spyware referred to as Ursnif (aka Gozi). "It is a sophisticated downloader with the objective of installing a second malware payload," Proofpoint said in a technical report. "The malware uses multiple mechanisms
☐ ☆ ✇ The Hacker News

Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability

By Ravie Lakshmanan — March 31st 2023 at 14:07
The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. "TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals that allows them to gain access to the email mailboxes of government entities in Europe," Proofpoint 
☐ ☆ ✇ The Hacker News

Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant

By Ravie Lakshmanan — December 10th 2022 at 11:46
Travel agencies have emerged as the target of a hack-for-hire group dubbed Evilnum as part of a broader campaign aimed at legal and financial investment institutions in the Middle East and Europe. The attacks, which took place during 2020 and 2021 and likely went as far back as 2015, involved a revamped variant of a malware called Janicab that leverages a number of public services like WordPress
☐ ☆ ✇ The Hacker News

Russian Hackers Spotted Targeting U.S. Military Weapons and Hardware Supplier

By Ravie Lakshmanan — December 7th 2022 at 11:58
A state-sponsored hacking group with links to Russia has been linked to attack infrastructure that spoofs the Microsoft login page of Global Ordnance, a legitimate U.S.-based military weapons and hardware supplier. Recorded Future attributed the new infrastructure to a threat activity group it tracks under the name TAG-53, and is broadly known by the cybersecurity community as Blue Callisto,
☐ ☆ ✇ The Hacker News

Nighthawk Likely to Become Hackers' New Post-Exploitation Tool After Cobalt Strike

By Ravie Lakshmanan — November 23rd 2022 at 05:40
A nascent and legitimate penetration testing framework known as Nighthawk is likely to gain threat actors' attention for its Cobalt Strike-like capabilities. Enterprise security firm Proofpoint said it detected the use of the software in mid-September 2022 by a red team with a number of test emails sent using generic subject lines such as "Just checking in" and "Hope this works2." However, there
❌