sctocs

Ransomware Groups Using Legit Tools with Malware to Evade Detection

Ransomware Groups Exploiting Legitimate Tools with Malware to Evade Detection

A newly identified ransomware operation known as Crypto24 is raising alarms in the cybersecurity community. Unlike traditional groups, Crypto24 demonstrates advanced tactics by combining legitimate administrative tools with custom malware, enabling precise attacks against high-value organizations.

Global Targeting of Critical Sectors

The campaign has successfully […]

Hackers Use CrossC2 to Run Cobalt Strike on Linux, macOS

CrossC2 Expands Cobalt Strike Capabilities to Linux and macOS

A new advanced cyber campaign has surfaced, leveraging CrossC2, an unofficial extension of Cobalt Strike, to extend its functionality from Windows systems into Linux and macOS environments.

Multi-Stage Attack Chain

Between September and December 2024, researchers observed a series of incidents involving this cross-platform malware, signaling

ERMAC V3.0 Banking Trojan Leak Exposes Malware Infrastructure

ERMAC V3.0 Banking Trojan Source Code Leak Unveils Malware Infrastructure

Cybersecurity experts have exposed the internal workings of the Android banking trojan ERMAC 3.0, revealing significant flaws in the attackers’ infrastructure. According to a report by Hunt.io, “The latest version 3.0 shows a major upgrade in the malware’s capabilities, extending its form injection and data

Taiwan Servers Hacked by UAT-7237 with Custom Tools

Taiwan Servers Compromised by UAT-7237 Using Advanced Custom Tools

A newly identified and sophisticated malware campaign is targeting Windows systems through a multi-stage attack framework named PS1Bot. This framework combines PowerShell and C# modules to execute extensive data theft operations while avoiding conventional detection methods. The PS1Bot malware represents an advanced shift in cyberattack tactics,

Taiwan Servers Hacked by UAT-7237 with Custom Tools

Taiwan Web Infrastructure Targeted by UAT-7237 Using Custom Hacking Tools

A Chinese-speaking advanced persistent threat (APT) group has been detected targeting Taiwan’s web infrastructure using tailored versions of open-source hacking tools, with the aim of maintaining long-term access inside high-value networks.

Cisco Talos has linked this campaign

US Sanctions Garantex, Grinex Over $100M Crypto Ties

U.S. Targets Garantex and Grinex for Over $100 Million in Ransomware-Linked Crypto Transactions

The United States Department of the Treasury’s Office of Foreign Assets Control (OFAC) has renewed sanctions on the Russian cryptocurrency exchange Garantex, accusing it of processing over $100 million in transactions tied to ransomware groups and other cybercriminal activities since 2019. The

Hackers Use YouTube Download Sites to Spread Proxyware

YouTube Proxyjacking Campaign Exploits Fake Video Download Sites

Cybercriminals have intensified their proxyjacking campaigns by targeting users of YouTube video download services, according to recent security research. This attack exploits fake YouTube-to-MP4 conversion websites to distribute proxyware malware, focusing on users seeking free online video conversion tools. The campaign reflects a major evolution in bandwidth

AI Fuels New Trends in Phishing Attacks

AI-Powered Phishing and Scams Transforming the Cybersecurity Landscape

The cybersecurity landscape is undergoing a major shift as artificial intelligence becomes a powerful tool for cybercriminals, reshaping traditional phishing and scam tactics. Unlike earlier phishing campaigns, which often contained obvious errors and warning signs, modern AI-driven attacks are sophisticated and challenging even for vigilant users to

Splunk Guide Helps Detect ESXi Ransomware Activity

Splunk has released a specialized security guide designed to help cybersecurity teams detect and prevent ransomware attacks targeting VMware ESXi infrastructure before significant damage occurs. This release comes amid rising cyber threats against ESXi hypervisor systems, which have become prime ransomware targets due to their centralized role in virtualization and the lack of sufficient monitoring

SmartLoader Malware Spreads via Fake GitHub Projects

Cybersecurity researchers have identified a highly sophisticated malware distribution campaign that uses GitHub repositories disguised as legitimate software projects to infiltrate systems globally. The operation leverages GitHub’s reputation as a trusted code-sharing platform, deploying SmartLoader malware across multiple repositories to target unsuspecting users.

Targeting Gaming and Software Enthusiasts

The malicious campaign specifically focuses on individuals
