04 Aug 2021

Iranian APT Lures Defense Contractor in Catfishing-Malware Scam

A new campaign using catfishing techniques with fake aerobics-instructor profiles has been discovered in a supply-chain attack attempt originating from an Iranian APT, TA456. The threat actors created convincing profiles of objectively attractive women to charm victims into downloading malware. According to a new report from Proofpoint, the campaign allegedly

04 Aug 2021

New Raccoon Stealer Campaign Underscores an Evolving Threat

Sophos researchers have detailed a new Raccoon Stealer campaign that underscores the evolution of the information-stealer. According to Sophos, the Raccoon Stealer has been distributed through a dropper campaign with the goal of stealing cryptocurrencies, cookies, and other valuable information located on target machines. Researchers confirmed that the campaign had

22 Jul 2021

NPM Package Steals Passwords via Chrome’s Account-Recovery Tool

A new widespread software supply-chain attack has been discovered by researchers, this time consisting of a password stealer harvesting credentials from Chrome on Windows systems via a tool called ChromePass. According to researchers, the campaign was discovered after professionals caught the malware stealing credentials, listening for incoming commands from the

21 Jul 2021

This new password-stealing Windows malware is distributed via ads for cracked software

Cybersecurity company Bitdefender has discovered a new form of malware that is delivered to victims via advertisements that appear in search results. Bitdefender states that the malware is being used as a gateway for attackers to steal passwords, deliver additional malware, and install cryptocurrency miners. The malware targets Windows devices

08 Jul 2021

MacOS Targeted in WildPressure APT Malware Campaign

Compromised WordPress websites have been enlisted by threat actors in a campaign targeting macOS users. WildPressure is the group of threat actors that have added a macOS malware variant to their campaign targeting energy sector businesses. Compromised WordPress websites are being utilized to carry out attacks. Novel malware, named Milum,

08 Jul 2021

Scammers exploiting Kaseya ransomware attack to deploy malware

A phishing campaign that claims to offer a security update for Kaseya’s VSA software is actually attempting to install malware. The ransomware attack against IT firm Kaseya is being taken advantage of by cybercriminals. Cybercriminals are deploying spam to infect computers with Cobalt Strike-delivered malware. The phishing email sent claims

25 Jun 2021

Crackonosh malware abuses Windows Safe mode to quietly mine for cryptocurrency

Malware named Crackonosh has been found to spread through pirated and cracked software that is frequently discovered through torrents, forums, and malicious websites, according to researchers at Avast. The Avast team conducted an investigation into this situation after uncovering Reddit reports of their antivirus software users curious as to why

07 Jun 2021

Latvian Woman Charged with Developing Malware for Trickbot

Alla Witte, a 55-year-old Latvian woman, has been charged with multiple counts for her alleged role in developing malware for the notorious Trickbot group. Witte has been charged with 19 counts of a 47-count indictment. Witte was arrested in February in Miami. Trickbot initially started several years ago as a

28 May 2021

Researchers find four new malware tools created to exploit Pulse Secure VPN appliances

Researchers at FireEye have disclosed attacks against defense, government, and financial organizations leveraging vulnerabilities in the Pulse Secure VPN software. Pulse Secure’s virtual private network and Secure Connect solutions are used by organizations worldwide to ensure secure access to business systems. FireEye reportedly discovered four new malware families designed specifically

27 May 2021

This phishing attack is using a call centre to trick people into installing malware on their Windows PC

A new and prolific phishing campaign is aiming to lure victims into believing that they have opened a subscription with a movie-streaming service, tricking them into calling a phone number to cancel the subscription. However, after contacting the call center, someone guides them through a procedure that eventually infects the
