
Daily Cybersecurity Roundup, October 21, 2024

Cybercriminals are weaving complex webs of deception, using everything from fake NFTs to cryptographic loopholes. In one scheme, North Korean hackers are tricking software developers with a phony NFT project, deploying Invisible Ferret malware to take over their systems. Another campaign targets job seekers and Meta Ads users, using evasive techniques to sneak Quasar RAT onto their devices. Meanwhile, researchers have revealed vulnerabilities in several end-to-end encrypted cloud platforms, leaving services like Sync and Tresorit vulnerable to malicious data tampering. Read on for more.

01

The Contagious Interview phishing campaign by North Korean threat actors has been targeting software developers through a fake NFT project, Bored BeaverTail Yacht Club. It delivers BeaverTail malware and installs the Python-based backdoor Invisible Ferret to gain full system control.

02

Cyble uncovered a multi-stage malware attack targeting job seekers and Meta Ads users. The malware employs advanced evasion techniques to deploy Quasar RAT, giving attackers full control over compromised systems.

03

Elastic Security Labs discovered a new evolution in the GHOSTPULSE malware family, which now hides its payload within the pixel structure of PNG files to evade detection.

04

Researchers warned about unknown threat actors trying to exploit a now-patched vulnerability, CVE-2024-37383, in Roundcube Webmail software to launch a phishing campaign targeting user credentials.

05

A recent Lumma Stealer campaign utilized fake CAPTCHA techniques to deliver its payload. The attackers used phishing sites hosted on various providers and leveraged CDNs to host them.

06

Researchers uncovered cryptographic vulnerabilities in various E2EE cloud storage platforms, such as Sync, pCloud, Icedrive, Seafile, and Tresorit. These flaws allow a malicious server to inject files, tamper with data, and gain access to plaintext.

07

New speculative execution attacks have been discovered that bypass existing Spectre mitigations, leaving Intel's 12th-14th generation consumer chips, 5th-6th generation Xeon processors, and AMD's Zen 1, Zen 1+, and Zen 2 microarchitectures vulnerable.

08

The Bumblebee malware loader has resurfaced, using advanced techniques to evade detection. Its new variant uses MSI files disguised as legitimate software installers, enhancing its stealth capabilities.

09

CISA confirmed that ransomware groups have been exploiting a critical vulnerability, CVE-2024-40711, in Veeam software to gain control of systems and launch attacks.

10

New York financial regulators published guidance to help organizations identify and mitigate cybersecurity threats related to artificial intelligence, emphasizing the need for enhanced cybersecurity controls.
