Cyware Alerts - Hacker News

Attackers Attempt to Infiltrate U.S. Military Contractors Via Phishing

Securonix disclosed details about a new attack campaign aimed at multiple military contractors involved in weapon manufacturing, including an F-35 Lightning II fighter aircraft components supplier. The attack begins with a phishing email sent to employees. With mild confidence, researchers attribut ...

New Modular Campaign Delivers Cobalt Strike Beacons

A phishing campaign impersonating a government organization in the U.S. and a trade union in New Zealand attempts to deliver Cobalt Strike beacons on infected endpoints. The campaign exploits CVE-2017-0199, an RCE bug, and involves a multistage and modular infection chain with fileless, malic ...

New Agent Tesla Campaign Spreads via Quantum Builder

A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla RAT. The infection chain starts with a spear-phishing email including an LNK file laden with a GZIP archive. This campaign delivering Agent Tesla is the latest in the list of malware threats that are u ...

Hackers Use PowerPoint Files to Deliver Graphite Malware

A Cluster25 report stated that Russian GRU-linked APT28 is delivering Graphite malware to target entities in the defense and government sectors of the European Union and Eastern Europe. Cluster25 analysts state that the hackers have been planning the campaign since January or February but only ...

Erbium InfoStealer Targets Web Browsers and Crypto Wallets

The Erbium info-stealer was found being advertised on Russian-speaking hacker forums. The malware is swiftly becoming a preferred choice for hackers and it is being disseminated as game cheats on gaming forums to steal credentials and crypto wallets. Cluster25 reported Erbium infections in the U.S. ...

New SEO Poisoning Campaign Spreads GootLoader Malware

Security experts laid bare an extensive SEO poisoning attack campaign targeting employees across industries as well as the government sector for the search results of specific terms relevant to their work. Researchers have linked the recent campaign to a threat group, TAC-011, active for several years ...

APT41 Continues Targeting Healthcare, Pharma

A new alert by HC3 warned the healthcare sector against constant attacks by the Chinese state-sponsored threat group APT41. The group also targets pharmaceuticals and high-tech industries. It deploys multiple private and public malware to establish a foothold and custom tools to escalate privileg ...

Metador: An Active Threat that Went Undetected for Years

Telecoms, Internet Service Providers (ISPs), and universities across the Middle East and Africa have been under attack by a sophisticated threat actor, dubbed Metador. The group uses two custom Windows malware frameworks with one finding its expertise in multi-layered obfuscation and the other bei ...

Hacker Uses OAuth Apps for Phishing on Microsoft Exchange Servers

Cyber adversaries have taken over enterprise Exchange Servers to launch a spam campaign aimed at signing people up for bogus subscriptions. The investigation revealed that the threat actors leveraged unsecured administrator accounts to gain initial access to highly vulnerable accounts that aren’t M ...

BlackCat’s Exmatter Upgraded With New Info-Stealing & Stealth Capabilities

The BlackCat ransomware gang is now attacking targets with an upgraded version of its data exfiltration tool, named Exmatter, adding more stealth to its operation. Further, it has added an 'Eraser' feature to corrupt processed files along with a 'Self-destruct' configuration option to delete and qu ...
