Tag: infostealer
-
Cloud Blog: Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/oracle-ebusiness-suite-zero-day-exploitation/
Source: Cloud Blog
Title: Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign
Feedly Summary: Written by: Peter Ukhanov, Genevieve Stark, Zander Work, Ashley Pearson, Josh Murchie, Austin Larsen Introduction Beginning Sept. 29, 2025, Google Threat Intelligence Group (GTIG) and Mandiant began tracking a new, large-scale extortion campaign by a threat actor…
-
The Register: ‘FileFix’ attacks use fake Facebook security alerts to trick victims into running infostealers
Source URL: https://www.theregister.com/2025/09/16/filefix_attacks_facebook_security_alert/
Source: The Register
Title: ‘FileFix’ attacks use fake Facebook security alerts to trick victims into running infostealers
Feedly Summary: Tech evolved from PoC to global campaign in under two months An attack called FileFix is masquerading as a Facebook security alert before ultimately dropping the widely used StealC infostealer and malware downloader.…
-
Microsoft Security Blog: Think before you Click(Fix): Analyzing the ClickFix social engineering technique
Source URL: https://www.microsoft.com/en-us/security/blog/2025/08/21/think-before-you-clickfix-analyzing-the-clickfix-social-engineering-technique/
Source: Microsoft Security Blog
Title: Think before you Click(Fix): Analyzing the ClickFix social engineering technique
Feedly Summary: The ClickFix social engineering technique has been growing in popularity, with campaigns targeting thousands of enterprise and end-user devices daily. This technique exploits users’ tendency to resolve technical issues by tricking them into running malicious…
-
Cloud Blog: Cloud CISO Perspectives: Going beyond 2FA to address fast-rising, emerging threats
Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-adding-new-layered-protections-to-2fa/
Source: Cloud Blog
Title: Cloud CISO Perspectives: Going beyond 2FA to address fast-rising, emerging threats
Feedly Summary: Welcome to the second Cloud CISO Perspectives for July 2025. Today, Andy Wen, director, product management, Workspace Security, discusses new efforts we’re making to defend against identity-based cyberattacks. As with all Cloud CISO Perspectives, the contents…
-
Cloud Blog: Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/sonicwall-secure-mobile-access-exploitation-overstep-backdoor/
Source: Cloud Blog
Title: Ongoing SonicWall Secure Mobile Access (SMA) Exploitation Campaign using the OVERSTEP Backdoor
Feedly Summary: Written by: Josh Goddard, Zander Work, Dimiter Andonov Introduction Google Threat Intelligence Group (GTIG) has identified an ongoing campaign by a suspected financially-motivated threat actor we track as UNC6148, targeting fully patched end-of-life SonicWall…
-
Krebs on Security: Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai
Source URL: https://krebsonsecurity.com/2025/07/poor-passwords-tattle-on-ai-hiring-bot-maker-paradox-ai/
Source: Krebs on Security
Title: Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai
Feedly Summary: Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald’s was exposed after they guessed the password (“123456”) for the fast food chain’s account at Paradox.ai, a company…
-
The Register: Phishing platforms, infostealers blamed as identity attacks soar
Source URL: https://www.theregister.com/2025/07/07/phishing_platforms_infostealers_blamed_for/
Source: The Register
Title: Phishing platforms, infostealers blamed as identity attacks soar
Feedly Summary: Get your creds in order or risk BEC, ransomware attacks, orgs warned A rise in advanced phishing kits and info-stealing malware are to blame for a 156 percent jump in cyberattacks targeting user logins, say researchers.…
-
Slashdot: The 16-Billion-Record Data Breach That No One’s Ever Heard of
Source URL: https://it.slashdot.org/story/25/06/19/2028246/the-16-billion-record-data-breach-that-no-ones-ever-heard-of?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot
Title: The 16-Billion-Record Data Breach That No One’s Ever Heard of
Feedly Summary: The text discusses one of the largest data breaches in history, revealing 16 billion exposed login credentials primarily from infostealer sources. This highlights significant risks for individuals and organizations, including potential…
-
The Register: Minecraft cheaters never win … but they may get malware
Source URL: https://www.theregister.com/2025/06/18/minecraft_mod_malware/
Source: The Register
Title: Minecraft cheaters never win … but they may get malware
Feedly Summary: Infostealers posing as popular cheat tools are cropping up on GitHub Trojanized Minecraft cheat tools hosted on GitHub have secretly installed stealers that siphon credentials, crypto wallets, and other sensitive data when executed by players.…
-
Slashdot: Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
Source URL: https://yro.slashdot.org/story/25/05/28/2024243/mysterious-database-of-184-million-records-exposes-vast-array-of-login-credentials?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot
Title: Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
Feedly Summary: This text discusses the discovery of a significant data breach involving 184 million login credentials from numerous high-profile services, raising serious security concerns because of the inclusion of government-associated…