Cyware Alerts - Hacker News

Enhanced Legion Credential Harvester Targets SSH Servers and AWS Credentials

An updated version of the Python-based, cloud-focused hack tool called Legion—which can extract credentials from vulnerable web servers—has surfaced. The updated variant incorporates the Paramiko module to exploit SSH servers. Furthermore, it can now retrieve specific AWS credentials associated wit ...

Tortoiseshell Eyes Israeli Logistics Industry

Alleged Iranian nation-state hacker group Tortoiseshell performed a watering hole attack on several shipping and logistics websites in Israel to collect information about their users. Attackers stay hidden by impersonating the genuine jQuery JavaScript framework. Organizations are urged to raise aw ...

WinTapix Attack Campaign Targets Middle East Nations

An unidentified threat actor group has been observed employing a malicious Windows kernel driver in targeted attacks, primarily focusing on the Middle East region. Fortinet security experts have dubbed the artifact as WINTAPIX (WinTapix.sys). To stay protected, users are suggested to immediately im ...

North Korea Actor Kimsuky Updates its Reconnaissance Malware RandomQuery

Kimsuky, the North Korean APT group, is actively distributing a variant of custom malware known as RandomQuery as part of its reconnaissance campaigns. The malware has been specifically designed to perform two primary functions: file enumeration and data exfiltration. A real-time threat intelligenc ...

Trojanized App Infects Over 50,000 with AhRAt Trojan

AhRAT is a newly discovered threat by ESET researchers on the Google Play Store that disguises itself as a screen recording application, which witnessed tens of thousands of installations. Threat actors added malicious functionality at a later stage of its release in August 2022. Organizations must ...

Spying Campaign Targets Ukraine, Israel, and Others - Warns CERT-UA

CERT-UA warned against a cyberespionage campaign by the UAC-0063 threat group targeting Ukraine, Mongolia, Kazakhstan, Kyrgyzstan, Israel, and India. To complicate investigation efforts and hinder attribution, the hackers employed the PyArmor and Themida software tools. Organizations are advised to ...

Scammers Use Residential IP Addresses to Launch BEC Attacks

The Cyber Signals report revealed that Microsoft detected 35 million BEC attempts with an average of 156,000 attempts daily between April 2022 and April 2023. Microsoft also noticed a pattern in which attackers used a phishing-as-a-service platform, BulletProftLink, to obtain login credentials. To ...

Windows Kernel Drivers Used in BlackCat Attacks

Trend Micro revealed that the BlackCat ransomware group is using a signed kernel driver for evasion tactics. The driver was utilized in conjunction with a separate user client executable, with the intention of manipulating, pausing, and terminating specific processes associated with the security on ...

'Inferno Drainer' Swindles $6 million in Four Months

Security analysts at Scam Sniffer exposed a crypto phishing and scam service Inferno Drainer that swindled about $5.9 million worth of cryptocurrencies from 4,888 victims. It reportedly crafted over 689 counterfeit websites since March 27, 2023. Deploy a real-time anti-scam protection solutio ...

New DarkCloud Campaign Leverages Spam Emails

ASEC’s AhnLab discovered a spam email campaign that distributes the DarkCloud info-stealer malware. The email contents urge recipients to review the attached payment statement, which purportedly pertains to their company account. Additionally, the threat actor installs ClipBanker on infected device ...
