
Daily Cybersecurity Roundup, December 02, 2024

Poison Ivy has resurfaced, targeting defense, government, and technology sectors with spear-phishing and watering hole attacks. Using fake websites, the group delivers Sliver RAT. SmokeLoader is making waves in Taiwan, with a new malware campaign targeting manufacturing, healthcare, and IT companies. Rockstar 2FA is fueling a surge in Microsoft 365 phishing attacks. Boasting over 5,000 phishing domains, this PhaaS platform has become a preferred tool for large-scale credential theft. Read on for the top 10 highlights from cyberspace. 

01

Poison Ivy is actively targeting multiple sectors using advanced phishing techniques like spear-phishing and watering holes. It deploys Sliver RAT via fake websites.

02

A sophisticated malware campaign has been found targeting Taiwanese companies in manufacturing, healthcare, and IT sectors using SmokeLoader.

03

The Interpol-led Operation HAECHI V, supported by South Korea, resulted in the arrest of over 5,500 individuals involved in cyber-enabled crimes and the seizure of over $400 million in digital and fiat currencies.

04

A new group of 15 SpyLoan Android malware apps with over eight million installs was found on Google Play, mainly affecting users in South America, Southeast Asia, and Africa.

05

A phishing attack has been using corrupted Word attachments to evade detection, tricking recipients into scanning a QR code that leads to a fake Microsoft login page.

06

A new PhaaS platform called Rockstar 2FA has appeared, enabling large-scale attacks that steal Microsoft 365 login details by bypassing MFA. It has launched over 5,000 phishing domains.

07

Malicious code exploiting a year-old firmware vulnerability called LogoFAIL has been discovered, allowing attackers to install the Bootkitty Linux backdoor.

08

MediaTek released a Product Security Bulletin addressing a high-severity vulnerability (CVE-2024-20125) in the video decoder component of its chipsets.

09

ACROS Security discovered a zero-day vulnerability in Windows Server 2012 and Server 2012 R2, which allows attackers to bypass the Mark of the Web security feature. This flaw has gone unnoticed for over two years.

10

A new report by Permiso noted that 45% of organizations experienced identity security incidents last year, with 54% of breaches targeting sensitive data.
