Tag: malware deployment

Source URL: https://www.microsoft.com/en-us/security/blog/2025/03/06/malvertising-campaign-leads-to-info-stealers-hosted-on-github/ Source: Microsoft Security Blog Title: Malvertising campaign leads to info stealers hosted on GitHub Feedly Summary: Microsoft detected a large-scale malvertising campaign in early December 2024 that impacted nearly one million devices globally. The attack originated from illegal streaming websites embedded with malvertising redirectors and ultimately redirected users to GitHub to deliver…

Hacker News: SEAL Advisory on DPRK Threat to Crypto Exchanges

Feb 22, 2025

—

by

Source URL: https://www.securityalliance.org/news/2025-02-dprk-advisory Source: Hacker News Title: SEAL Advisory on DPRK Threat to Crypto Exchanges Feedly Summary: Comments AI Summary and Description: Yes Summary: The text describes a significant cyber theft by DPRK operatives, detailing their sophisticated tactics for compromising crypto exchanges. It emphasizes the importance of internal reviews and specific security measures for exchanges…

The Register: Japanese Police claim China ran five-year cyberattack campaign

Jan 9, 2025

—

by

Source URL: https://www.theregister.com/2025/01/09/japan_mirrorface_china_attack/ Source: The Register Title: Japanese Police claim China ran five-year cyberattack campaign Feedly Summary: ‘MirrorFace’ group found ways to run malware in the Windows sandbox, which is worrying Japan’s National Police Agency and Center of Incident Readiness and Strategy for Cybersecurity have confirmed third party reports of attacks on local orgs by…

Cloud Blog: Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation

Jan 9, 2025

—

by

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day/ Source: Cloud Blog Title: Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation Feedly Summary: Written by: John Wolfram, Josh Murchie, Matt Lin, Daniel Ainsworth, Robert Wallace, Dimiter Andonov, Dhanesh Kizhakkinan, Jacob Thompson Note: This is a developing campaign under active analysis by Mandiant and Ivanti. We will continue to add more…

Hacker News: New ‘OtterCookie’ malware used to backdoor devs in fake job offers

Dec 29, 2024

—

by

Source URL: https://www.bleepingcomputer.com/news/security/new-ottercookie-malware-used-to-backdoor-devs-in-fake-job-offers/ Source: Hacker News Title: New ‘OtterCookie’ malware used to backdoor devs in fake job offers Feedly Summary: Comments AI Summary and Description: Yes Summary: The text outlines a cybersecurity threat posed by North Korean actors using new malware called OtterCookie in a campaign targeting software developers through fake job offers. It highlights…

Threat Research Archives – Unit 42: Fighting Ursa Luring Targets With Car for Sale

Dec 18, 2024

—

by

Source URL: https://unit42.paloaltonetworks.com/fighting-ursa-car-for-sale-phishing-lure/ Source: Threat Research Archives – Unit 42 Title: Fighting Ursa Luring Targets With Car for Sale Feedly Summary: AI Summary and Description: Yes Summary: The text presents a detailed account of a sophisticated cybersecurity threat from the Russian group Fighting Ursa, which targeted diplomats using a phishing campaign disguised as a car…

The Register: Iran-linked crew used custom ‘cyberweapon’ in US critical infrastructure attacks

Dec 14, 2024

—

by

Source URL: https://www.theregister.com/2024/12/13/iran_cyberweapon_us_attacks/ Source: The Register Title: Iran-linked crew used custom ‘cyberweapon’ in US critical infrastructure attacks Feedly Summary: IOCONTROL targets IoT and OT devices from a ton of makers, apparently An Iranian government-linked cybercriminal crew used custom malware called IOCONTROL to attack and remotely control US and Israel-based water and fuel management systems, according…

Microsoft Security Blog: Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON

Nov 28, 2024

—

by

Source URL: https://www.microsoft.com/en-us/security/blog/2024/11/22/microsoft-shares-latest-intelligence-on-north-korean-and-chinese-threat-actors-at-cyberwarcon/ Source: Microsoft Security Blog Title: Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON Feedly Summary: At CYBERWARCON 2024, Microsoft Threat Intelligence analysts will share research and insights on North Korean and Chinese threat actors representing years of threat actor tracking, infrastructure monitoring and disruption, and their attack…

The Register: Don’t open that ‘copyright infringement’ email attachment – it’s an infostealer

Nov 7, 2024

—

by