Search

Showing 1674 results for: "command-and-control".

OPSEC lapse reveals hub for amateur cybercriminals
An amateur hacker’s operational security error enabled researchers to uncover more details about a cybercrime operation utilizing the Proton66 bulletproof hosting service, DomainTools reported Thursday. The threat actor known as “Coquettte” was uncovered by DomainTools while investigating...
Multiple backdoors spread through fake AI, business tools
An attack campaign using DeepSeek, AutoCAD, UltraViewer and other business apps as phishing lures was found spreading three different backdoors for remote access to victims’ systems, Kaspersky revealed in a blog post Wednesday. One of the malware strains, known as TookPS, was previously discover...
NSA: ‘Fast Flux’ DNS evasion technique now a national security threat
In what some experts are calling a “big-time wakeup call” to security teams globally, a joint advisory was issued April 3 by government officials in the United States, Australia, Canada, and New Zealand warning that threat actors are using the well-known “fast flux” technique to change domain name ...
Covert compromise facilitated by new crop of malware loaders
More advanced obfuscation techniques have been adopted by a new Hijack Loader malware variant, the SHELBY malware, and the Emmenhtal Loader to facilitate clandestine compromise, according to The Hacker News. After being spread via code-signing certificates and the ClickFix attack technique, ...
EDR killer links RansomHub with Play, Medusa, BianLian gangs
A security evasion tool from the RansomHub malware group has been used by ESET researchers to trace and connect attacks conducted by three other cybercrime groups. The findings, published Wednesday, show how use of RansomHub’s custom endpoint detection and response (EDR) tool EDRKillShifter has ...
Leaked Black Basta chat logs indicate ties to Russian officials
An analysis of over 200,000 leaked internal messages from the Black Basta ransomware group covering September 2023 to September 2024 has revealed potential links to Russian authorities and detailed insights into the group's cyber operations, The Hacker News reports. One of the most significan...
Evolving Raspberry Robin IAB operations uncovered
More than 180 unique command-and-control domains have been leveraged in attacks by the Raspberry Robin threat operation, also known as Storm-0856 and Roshtyak, indicating its evolution from a Windows worm to an initial access broker, The Hacker News reports. Despite having been utilized to f...
