08 Apr 2022

Thousands of Android users downloaded this password-stealing malware disguised as anti-virus from Google Play

Cybersecurity researchers at Check Point have identified six different fraudulent anti-virus applications that have since been removed from the Google Play store. The applications are parading as tools that help to protect users from cybercrime, however, they actually deliver malware to steal passwords, bank details, and other personal information. The

Read More
07 Apr 2022

Attackers Spoof WhatsApp Voice-Message Alerts to Steal Info

Threat actors have targeted both Microsoft Office 365 and Google Workspace in a new campaign that leverages a legitimate domain associated with a road-safety organization in Moscow to distribute messages. The attackers are spoofing voice message notifications from WhatsApp in the malicious phishing campaign. Their ultimate goal is to trick

Read More
06 Apr 2022

South African and US Officers Swoop on Fraud Gang

American and South African investigators have teamed up to crack down on fraud that is persistent in the latter country, recently arresting several members linked to a suspected fraud gang. The individuals arrested consisted of three South Africans and four Nigerians, and are believed to be linked to an infamous

Read More
05 Apr 2022

Ukraine spots Russian-linked ‘Armageddon’ phishing attacks

The Computer Emergency Response Team of Ukraine (CERT-UA) has spotted new phishing attempts attributed to the Russian threat group tracked as Armageddon (Gamaredon). The malicious emails attempt to trick the recipients with lures themed after the war in Ukraine and infect the target systems with espionage-focused malware. CERT-UA has identified two separate

Read More
01 Apr 2022

Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks

A threat actor previously linked to the Belarusian Ministry of Defense, Ghostwriter, has recently adopted nearly invisible Browser-in-the-Browser (BitB) credential phishing techniques. The tool is likely being leveraged in its attacks against Ukraine and exploitation of the war being waged in the country. Ghostwriter is currently using war-themed attacks to

Read More
31 Mar 2022

Multiple hacking groups are using the war in Ukraine as a lure in phishing attempts

According to cybersecurity research from Google’s Threat Analysis Group (TAG), government backed hackers from Russia, China, Iran, and North Korea are exploiting Russia’s invasion of Ukraine. The attacks leverage public interest in the conflict and are designed to steal login credentials, sensitive information, and money from victims spanning several countries.

Read More
30 Mar 2022

MSHTML Flaw Exploited to Attack Russian Dissidents

A Ukrainian-based threat actor has launched a spearphishing attack against Russians that are using services that have been banned for use by the Kremlin. The attack targets Russian cities and governments that are not aligned with the actions of the Russian government. MalwareBytes identified the campaign last week, stating that

Read More
24 Mar 2022

Malicious npm packages target Azure developers to steal personal data

Microsoft has confirmed that a large scale cyberattack is targeting its Azure developers through malicious npm packages. JFrog cybersecurity researchers released a report on Wednesday detailing how hundreds of malicious packages have been identified. The packages were designed to steal personally identifiable information from developers. According to researchers, the campaign

Read More
21 Mar 2022

A Third of Malicious Logins Originate in Nigeria

Security company Barracuda recently conducted a study into spear-phishing attempts, finding that one third of malicious logins into compromised accounts in 2021 originated in Nigeria. The conclusion was detailed in the company’s latest report, released on Wednesday. To form the report, Barracuda researchers analyzed millions of emails spanning thousands of

Read More
21 Mar 2022

Ukraine warns of InvisiMole attacks tied to state-sponsored Russian hackers

InvisiMole is allegedly conducting a series of attacks agains Ukrainian targets, spreading the LoadEdge backdoor. Ukrainian security officials warned of the campaign, which features a threat actor group with ties to Russia. The Computer Emergency Response Team for Ukraine (CERT-UA) stated last week that the department had been advised of

Read More