FreshRSS

πŸ”’
❌ About FreshRSS
There are new available articles, click to refresh the page.
Before yesterdayYour RSS feeds

Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks

By Newsroom
Russian state-sponsored actors have staged NT LAN Manager (NTLM) v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The attacks, attributed to an "aggressive" hacking crew called APT28, have set their eyes on organizations dealing with foreign affairs, energy, defense, and transportation, as well as those involved with

Russian TrickBot Mastermind Gets 5-Year Prison Sentence for Cybercrime Spree

By Newsroom
40-year-old Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the TrickBot malware, the U.S. Department of Justice (DoJ) said. The development comes nearly two months after Dunaev pleaded guilty to committing computer fraud and identity theft and conspiracy to commit wire fraud and bank fraud. "

New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms

By Newsroom
A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and SaaS platforms such as Amazon Web Services (AWS), Microsoft 365, PayPal, Sendgrid, and Twilio. β€œKey features include credential harvesting for spamming attacks, AWS account hijacking tools, and functions to enable attacks against PayPal and various

Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies

By Newsroom
Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new cyber espionage campaign undertaken by a TΓΌrkiye-nexus threat actor known as Sea Turtle. "The infrastructure of the targets was susceptible to supply chain and island-hopping attacks, which the attack group

Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication

By Newsroom
Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to include users in the U.K. and Italy. "Representing a restructured and enhanced iteration of its predecessor, this evolved Chameleon variant excels in executing Device Takeover (DTO) using the accessibility service, all while expanding its targeted region,

Microsoft Warns of Storm-0539: The Rising Threat Behind Holiday Gift Card Frauds

By Newsroom
Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it's tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and SMS phishing attacks against retail entities during the holiday shopping season. The goal of the attacks is to propagate booby-trapped links that direct victims to adversary-in-the-middle (AiTM

Russian Hacker Vladimir Dunaev Pleads Guilty for Creating TrickBot Malware

By Newsroom
A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced. Vladimir Dunaev, 40, was arrested in South Korea in September 2021 and extradited to the U.S. a month later. "Dunaev developed browser modifications and malicious tools that aided in credential harvesting and data

Major Phishing-as-a-Service Syndicate 'BulletProofLink' Dismantled by Malaysian Authorities

By Newsroom
Malaysian law enforcement authorities haveΒ announcedΒ the takedown of a phishing-as-a-service (PhaaS) operation calledΒ BulletProofLink. The Royal Malaysia Police said the effort, which was carried out with assistance from the Australian Federal Police (AFP) and the U.S. Federal Bureau of Investigation (FBI) on November 6, 2023, was based on information that the threat actors behind the platform

StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices

By Newsroom
An advanced strain of malware masquerading as a cryptocurrency miner has managed to fly the radar for over five years, infecting no less than one million devices around the world in the process. That's according to findings from Kaspersky, which has codenamed the threatΒ StripedFly, describing it as an "intricate modular framework that supports both Linux and Windows." The Russian cybersecurity

SapphireStealer Malware: A Gateway to Espionage and Ransomware Operations

By THN
An open-source .NET-based information stealer malware dubbedΒ SapphireStealerΒ is being used by multiple entities to enhance its capabilities and spawn their own bespoke variants. β€œInformation-stealing malware like SapphireStealer can be used to obtain sensitive information, including corporate credentials, which are often resold to other threat actors who leverage the access for additional

Agile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints Ahead

By The Hacker News
Developers are not the only people who have adopted the agile methodology for their development processes. From 2023-06-15 to 2023-07-11, Permiso Security’s p0 Labs team identified and tracked an attacker developing and deploying eight (8) incremental iterations of their credential harvesting malware while continuing to develop infrastructure for an upcoming (spoiler: now launched) campaign
❌