Cybersecurity researchers at Check Point have identified six different fraudulent anti-virus applications that have since been removed from the Google Play store. The applications are parading as tools that help to protect users from cybercrime, however, they actually deliver malware to steal passwords, bank details, and other personal information. The

Threat actors have targeted both Microsoft Office 365 and Google Workspace in a new campaign that leverages a legitimate domain associated with a road-safety organization in Moscow to distribute messages. The attackers are spoofing voice message notifications from WhatsApp in the malicious phishing campaign. Their ultimate goal is to trick

American and South African investigators have teamed up to crack down on fraud that is persistent in the latter country, recently arresting several members linked to a suspected fraud gang. The individuals arrested consisted of three South Africans and four Nigerians, and are believed to be linked to an infamous

The Computer Emergency Response Team of Ukraine (CERT-UA) has spotted new phishing attempts attributed to the Russian threat group tracked as Armageddon (Gamaredon). The malicious emails attempt to trick the recipients with lures themed after the war in Ukraine and infect the target systems with espionage-focused malware. CERT-UA has identified two separate

A threat actor previously linked to the Belarusian Ministry of Defense, Ghostwriter, has recently adopted nearly invisible Browser-in-the-Browser (BitB) credential phishing techniques. The tool is likely being leveraged in its attacks against Ukraine and exploitation of the war being waged in the country. Ghostwriter is currently using war-themed attacks to

According to cybersecurity research from Google’s Threat Analysis Group (TAG), government backed hackers from Russia, China, Iran, and North Korea are exploiting Russia’s invasion of Ukraine. The attacks leverage public interest in the conflict and are designed to steal login credentials, sensitive information, and money from victims spanning several countries.

A Ukrainian-based threat actor has launched a spearphishing attack against Russians that are using services that have been banned for use by the Kremlin. The attack targets Russian cities and governments that are not aligned with the actions of the Russian government. MalwareBytes identified the campaign last week, stating that

Microsoft has confirmed that a large scale cyberattack is targeting its Azure developers through malicious npm packages. JFrog cybersecurity researchers released a report on Wednesday detailing how hundreds of malicious packages have been identified. The packages were designed to steal personally identifiable information from developers. According to researchers, the campaign

Security company Barracuda recently conducted a study into spear-phishing attempts, finding that one third of malicious logins into compromised accounts in 2021 originated in Nigeria. The conclusion was detailed in the company’s latest report, released on Wednesday. To form the report, Barracuda researchers analyzed millions of emails spanning thousands of

InvisiMole is allegedly conducting a series of attacks agains Ukrainian targets, spreading the LoadEdge backdoor. Ukrainian security officials warned of the campaign, which features a threat actor group with ties to Russia. The Computer Emergency Response Team for Ukraine (CERT-UA) stated last week that the department had been advised of