Tuesday, December 24, 2024

Phishing

New Python NodeStealer Attacking Facebook Business To Steal Login Credentials

NodeStealer, initially a JavaScript-based malware, has evolved into a more sophisticated Python-based threat that targets Facebook Ads Manager accounts, stealing sensitive financial and business data in addition to credit...

Earth Koshchei Employs RDP Relay, Rogue RDP server in Server Attacks

 A new cyber campaign by the advanced persistent threat (APT) group Earth Koshchei has brought rogue Remote Desktop Protocol (RDP) attacks to the forefront...

Cybercriminals Exploit Google Calendar and Drawings in Phishing Campaigns

Attackers are ingeniously exploiting Google Calendar and Google Drawings in phishing campaigns, targeting unsuspecting individuals and organizations.Leveraging the inherent trust in Google’s widely...

Antidot Malware Attacking Employees Android Devices To Inject Malicious Payloads

Researchers discovered a new variant of the AntiDot banking trojan targeting Android mobile devices through a mobile-phishing (mishing) campaign, where this variant builds upon...

Triad Nexus, Chinese Hackers Using 200,000 Domains For Widespread Cyber Attack

Researchers identified FUNNULL, a Chinese CDN, as hosting malicious content, which includes fake trading apps for financial fraud, gambling sites likely used for money...

Hackers Deploy Weaponized LNK Files for Malicious Payload Delivery

Researchers reported a phishing attack on December 4th, 2024, where malicious emails purportedly from the Ukrainian Union of Industrialists and Entrepreneurs were distributed, inviting...

Hackers Attacking Global Sporting Championships Via Fake Domains To Steal Logins

Cybercriminals online take advantage of well-known events to register malicious domains with keywords related to the event, with the intention of tricking users through...

APT-C-53 Weaponizing LNK Files To Deploy Malware Into Target Systems

Gamaredon, a persistent threat actor since 2013, targets the government, defense, diplomacy, and media sectors of their victims, primarily through cyberattacks, to gain sensitive...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top five industries targeted by subject-customized emails, which often leverage personal...

Cloudflare Developer Domains Abused For Cyber Attacks

Cloudflare Pages, a popular web deployment platform, is exploited by threat actors to host phishing sites, as attackers leverage Cloudflare's trusted infrastructure, global CDN,...

New TLDs Such as .shop, .top and .xyz Leveraged by Phishers

Phishing attacks have surged nearly 40% in the year ending August 2024, with a significant portion of this increase linked to new generic top-level...