
AiTM Phishing, Hold the Gabagool: Analyzing the Gabagool Phishing Kit

The threat actor first compromises a user's mailbox and then sends phishing emails from it to other employees. These emails prompt recipients to view an image attached to the message.
July 26, 2024

Patchwork Group Found Using Brute Ratel C4 and an Enhanced Version of PGoShell Backdoor

Patchwork hackers targeted Bhutan using the advanced Brute Ratel C4 tool, along with an updated backdoor called PGoShell. This marks the first time Patchwork has been observed using the red teaming software.

DeepKeep Secures $10M in Seed Funding to Boost GenAI Protection Endeavors

Founded in 2021 by Rony Ohayon, DeepKeep specializes in AI-Native Trust, Risk, and Security Management (TRiSM). The platform caters to large corporations reliant on AI, GenAI, and LLM technologies for risk management and growth protection.

Russian Consular Software Installer Backdoored to Deploy Konni RAT

This activity is linked to actors from North Korea targeting Russia. The trojan is being distributed through backdoored software installers and is capable of file transfers and command execution.

Kimsuky APT Disguises as a Korean Company to Distribute Troll Stealer

Troll Stealer's similarities to known malware families linked to Kimsuky, such as AppleSeed and AlphaSeed, raise concerns about the group's offensive cyber operations and its targeting of South Korean entities.

'Dormant Colors' Campaign Uncovered With Over 1 Million Data Stealing Extension Installations

“Dormant Colors” is yet another vast campaign of malicious browser extensions with millions of active installations worldwide, this time with a color-related theme and deception throughout the infection chain.

IcedID leverages PrivateLoader. By: Joshua Platt and Jason Reaves

PrivateLoader is no stranger to larger malware families: previous research has shown it being leveraged by TrickBot, Qakbot, DanaBot, and Dridex.

Online Programming Learning Sites can be Manipulated by Hackers to Launch Remote Attacks

Security researchers are warning that hackers can abuse online programming learning platforms to remotely launch cyberattacks, steal data, and scan for vulnerable devices, simply by using a web browser.

Mitigating Abuse of Android Application Permissions and Special App Accesses

Mobile devices commonly run a variety of applications that have the potential to contain exploitable vulnerabilities or deliberate malicious behaviors that exploit specific app permissions.

Reviewing the SOC visibility triad

The "SOC visibility triad" model refers to “security visibility” as something that is broader than detection or investigation (response) alone.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing, end-to-end automation and 360-degree threat response.
