Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations

02/10/2024 0 Comments 0 tags

Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack. “While the

5 Must-Have Tools for Effective Dynamic Malware Analysis

02/10/2024 0 Comments 0 tags

Dynamic malware analysis is a key part of any threat investigation. It involves executing a sample of a malicious program in the isolated environment of a malware sandbox to monitor

PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data

02/10/2024 0 Comments 0 tags

A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data

Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw

02/10/2024 0 Comments 0 tags

Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor’s Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September

AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition

01/10/2024 0 Comments 0 tags

The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what’s

5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

01/10/2024 0 Comments 0 tags

Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes

Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials

01/10/2024 0 Comments 0 tags

More than 140,000 phishing websites have been found linked to a phishing-as-a-service (PhaaS) platform named Sniper Dz over the past year, indicating that it’s being used by a large number

New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet

01/10/2024 0 Comments 0 tags

Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat

U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails

01/10/2024 0 Comments 0 tags

The U.S. Department of Justice (DoJ) has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits. Robert Westbrook of

Session Hijacking 2.0 — The Latest Way That Attackers are Bypassing MFA

30/09/2024 0 Comments 0 tags

Attackers are increasingly turning to session hijacking to get around widespread MFA adoption. The data supports this, as: 147,000 token replay attacks were detected by Microsoft in 2023, a 111%