Cyware Alerts - Hacker News
Attackers Attempt to Infiltrate U.S. Military Contractors Via Phishing
/https://cyware-ent.s3.amazonaws.com/image_bank/176d_shutterstock_1179329605.jpg "Attackers Attempt to Infiltrate U.S. Military Contractors Via Phishing - Cyware Alerts - Hacker News")
Securonix disclosed details about a new attack campaign aimed at multiple military contractors involved in weapon manufacturing, including an F-35 Lightning II fighter aircraft components supplier. The attack begins with a phishing email sent to employees. With mild confidence, researchers attribut ... Read More
New Modular Campaign Delivers Cobalt Strike Beacons
/https://cyware-ent.s3.amazonaws.com/image_bank/6e0b_shutterstock_418940485.jpg "New Modular Campaign Delivers Cobalt Strike Beacons - Cyware Alerts - Hacker News")
A phishing campaign impersonating a government organization in the U.S. and a trade union in New Zealand attempts to deliver Cobalt Strike beacons on infected endpoints. The campaign exploits CVE-2017-0199, an RCE bug, that involves a multistage and modular infection chain with fileless, malic ... Read More
New Agent Tesla Campaign Spreads via Quantum Builder
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_397754680.jpg "New Agent Tesla Campaign Spreads via Quantum Builder - Cyware Alerts - Hacker News")
A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla RAT. The infection chain starts with a spear-phishing email, including LNK File laden with GZIP Archive. This campaign delivering Agent Tesla is the latest in the list of malware threats that are u ... Read More
Hackers Use PowerPoint Files to Deliver Graphite Malware
/https://cyware-ent.s3.amazonaws.com/image_bank/9ae7_shutterstock_1329983519.jpg "Hackers Use PowerPoint Files to Deliver Graphite Malware - Cyware Alerts - Hacker News")
A Cluster25 report stated that Russian GRU-linked APT28 is delivering Graphite malware to target entities in the defense and government sectors of the European Union and Eastern Europe. Cluster25 analysts state that the hackers have been planning the campaign since January or February but only ... Read More
Erbium InfoStealer Targets Web Browsers and Crypto Wallets
/https://cyware-ent.s3.amazonaws.com/image_bank/9c54_shutterstock_285665918.jpg "Erbium InfoStealer Targets Web Browsers and Crypto Wallets - Cyware Alerts - Hacker News")
The Erbium info-stealer was found being advertised on Russian-speaking hacker forums. The malware is swiftly becoming a preferred choice for hackers and it is being disseminated as game cheats on gaming forums to steal credentials and crypto wallets. Cluster25 reported Erbium infections in the U.S. ... Read More
New SEO Poisoning Campaign Spreads GootLoader Malware
/https://cyware-ent.s3.amazonaws.com/image_bank/2baf_shutterstock_1881482197.jpg "New SEO Poisoning Campaign Spreads GootLoader Malware - Cyware Alerts - Hacker News")
Security experts laid bare an extensive SEO poisoning attack campaign targeting employees across industries as well the government sector for the search results of specific terms relevant to their work. Researchers have linked the recent campaign to a threat group, TAC-011, active for several years ... Read More
APT41 Continues Targeting Healthcare, Pharma
/https://cyware-ent.s3.amazonaws.com/image_bank/a612_shutterstock_1261948831.jpg "APT41 Continues Targeting Healthcare, Pharma - Cyware Alerts - Hacker News")
A new alert by HC3 warned the healthcare sector against constant attacks by Chinese state-sponsored threat group, APT41. The group also targets pharmaceuticals and high-tech industries. It deploys multiple private and public malware to establish a foothold and custom tools to escalate privileg ... Read More
Metador: An Active Threat that Went Undetected for Years
/https://cyware-ent.s3.amazonaws.com/image_bank/71ec_shutterstock_717242740.jpg "Metador: An Active Threat that Went Undetected for Years - Cyware Alerts - Hacker News")
Telecoms, Internet Services Providers (ISPs), and universities across the Middle East and Africa have been under attack by a sophisticated threat actor, dubbed Metador. The group uses two custom Windows malware frameworks with one finding its expertise in multi-layered obfuscation and the other bei ... Read More
Hacker Uses OAuth Apps for Phishing on Microsoft Exchange Servers
/https://cyware-ent.s3.amazonaws.com/image_bank/5f6f_shutterstock_1851526309.jpg "Hacker Uses OAuth Apps for Phishing on Microsoft Exchange Servers - Cyware Alerts - Hacker News")
Cyber adversaries have taken over enterprise Exchange Servers to launch a spam campaign aimed at signing people up for bogus subscriptions. The investigation revealed that the threat actors leveraged unsecured administrator accounts to gain initial access to highly vulnerable accounts that aren’t M ... Read More
BlackCat’s Exmatter Upgraded With New Info-Stealing & Stealth Capabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/d2db_shutterstock_1517016749.jpeg "BlackCat’s Exmatter Upgraded With New Info-Stealing & Stealth Capabilities - Cyware Alerts - Hacker News")
The BlackCat ransomware gang is now attacking targets with an upgraded version of its data exfiltration tool, named Exmatter, adding more stealth to its operation. Further, it has added 'Eraser' feature to corrupt processed files along with 'Self-destruct' configuration option to delete and qu ... Read More
Defend Against Threats with Cyber Fusion
Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.
Learn More
Trending Tags
