A new wave of cyberattacks has exposed a critical weakness in Secure Email Gateways (SEGs), allowing malicious emails to bypass security filters and deliver dangerous malware payloads. Cofense Intelligence has uncovered a sophisticated phishing...
A large-scale operation to remove the PlugX trojan from infected devices has commenced in six countries. This campaign was organized by the French police with the support of Europol and the French cybersecurity company...
Security researchers from AhnLab Security (ASEC) recently identified a new variant of the LummaC2 malware, which utilizes the popular gaming platform Steam as a C2 server. This method significantly heightens the threat to users...
A stealthy cyber campaign is leveraging a critical flaw in Microsoft Windows SmartScreen, the built-in security feature designed to protect users from malicious downloads. This vulnerability, tracked as CVE-2024-21412, has been weaponized by multiple...
Sekoia.io, in collaboration with Intrinsec, conducted an in-depth analysis of the Quad7 (7777) botnet, which utilizes TCP port 7777 on infected routers and carries out brute-force attacks on Microsoft 365 accounts worldwide. Experts detected...
At the end of 2023, researchers stumbled upon an intriguing discovery—a setup file named HotPage.exe. At first glance, this application appeared to be yet another piece of adware. However, deeper analysis revealed that behind...
The notorious espionage group Daggerfly, also known as Evasive Panda and Bronze Highland, has undergone a significant overhaul of its cyber arsenal, likely spurred by the public disclosure of its older malware variants. According...
CrowdStrike, a leading cybersecurity firm, has issued a warning about a new information-stealing malware dubbed “Connecio” that’s being distributed by threat actors using a cunning disguise: a fake CrowdStrike Falcon sensor update. This malicious...
Experts at Checkmarx have uncovered PyPI packages containing a malicious script in the “init.py” file that transmits user data to a Telegram bot. The malicious packages, uploaded by a user named “dsfsdfds,” were part...
Recently, the Knownsec 404 Advanced Threat Intelligence team identified suspicious activity by the Patchwork group targeting Bhutan. The attack utilized an updated backdoor written in Go, known as PGoShell, as well as a new...
In a recent series of events that disrupted major operations, the KADOKAWA Corporation experienced service outages that extended to multiple websites. What initially appeared to be a technical glitch soon escalated into a full-blown...
Huntress, a prominent cybersecurity firm, has recently uncovered a new wave of malicious activities involving the well-known SocGholish or FakeUpdates malware. The attackers have recently been observed leveraging the legitimate BOINC (Berkeley Open Infrastructure...
The notorious threat group GhostEmperor has resurfaced with an updated version of its sophisticated Demodex rootkit, according to a new report from Sygnia’s Incident Response team. Sygnia’s in-depth analysis uncovered a multi-stage infection chain...
Mandiant, in collaboration with Google’s Threat Analysis Group (TAG), has uncovered a widespread cyber espionage campaign orchestrated by the notorious advanced persistent threat (APT) group known as APT41. This sustained operation has compromised multiple...
Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated cyberattack campaign targeting cryptocurrency users. This multi-stage attack utilizes a combination of phishing emails, malicious shortcut files, PowerShell scripts, and legitimate software like RDPWrapper...
Support Securityonline.info site. Thanks!
