Daily Cyber News

Hackers Exploit Microsoft Teams Requests for Remote Access

Hackers Pose as IT Teams to Exploit Microsoft Teams and Gain Remote Access

A newly discovered social engineering campaign run by the EncryptHub threat group combines impersonation techniques with technical exploitation to compromise enterprise systems. Researchers report that the Russian-linked group is disguising itself as IT support staff and using Microsoft Teams requests to gain […]

Palo Alto Releases Mega Malware Analysis Guide for Analysts

Palo Alto Networks Releases Comprehensive Malware Analysis Tutorial on Remcos RAT

Palo Alto Networks has published a highly detailed malware analysis tutorial, showcasing the dissection of a complex .NET-based loader that ultimately delivers the Remcos remote access trojan (RAT).

Abuse of Legitimate Environments

The case underlines a growing threat trend: adversaries increasingly misuse legitimate development

Ransomware Groups Using Legit Tools with Malware to Evade Detection

Ransomware Groups Exploiting Legitimate Tools with Malware to Evade Detection

A newly identified ransomware operation known as Crypto24 is raising alarms in the cybersecurity community. Unlike traditional groups, Crypto24 demonstrates advanced tactics by combining legitimate administrative tools with custom malware, enabling precise attacks against high-value organizations.

Global Targeting of Critical Sectors

The campaign has successfully

Hackers Use CrossC2 to Run Cobalt Strike on Linux, macOS

CrossC2 Expands Cobalt Strike Capabilities to Linux and macOS

A new advanced cyber campaign has surfaced, leveraging CrossC2, an unofficial extension of Cobalt Strike, to extend its functionality from Windows systems into Linux and macOS environments.

Multi-Stage Attack Chain

Between September and December 2024, researchers observed a series of incidents involving this cross-platform malware, signaling

ERMAC V3.0 Banking Trojan Leak Exposes Malware Infrastructure

ERMAC V3.0 Banking Trojan Source Code Leak Unveils Malware Infrastructure

Cybersecurity experts have exposed the internal workings of the Android banking trojan ERMAC 3.0, revealing significant flaws in the attackers’ infrastructure. According to a report by Hunt.io, “The latest version 3.0 shows a major upgrade in the malware’s capabilities, extending its form injection and data

Taiwan Servers Hacked by UAT-7237 with Custom Tools

Taiwan Servers Compromised by UAT-7237 Using Advanced Custom Tools

A newly identified and sophisticated malware campaign is targeting Windows systems through a multi-stage attack framework named PS1Bot. This framework combines PowerShell and C# modules to execute extensive data theft operations while avoiding conventional detection methods. The PS1Bot malware represents an advanced shift in cyberattack tactics,

Taiwan Servers Hacked by UAT-7237 with Custom Tools

Taiwan Web Infrastructure Targeted by UAT-7237 Using Custom Hacking Tools

A Chinese-speaking advanced persistent threat (APT) group has been detected targeting Taiwan’s web infrastructure using tailored versions of open-source hacking tools, with the aim of maintaining long-term access inside high-value networks. Cisco Talos has linked this campaign

US Sanctions Garantex, Grinex Over $100M Crypto Ties

U.S. Targets Garantex and Grinex for Over $100 Million in Ransomware-Linked Crypto Transactions

The United States Department of the Treasury’s Office of Foreign Assets Control (OFAC) has renewed sanctions on the Russian cryptocurrency exchange Garantex, accusing it of processing over $100 million in transactions tied to ransomware groups and other cybercriminal activities since 2019. The

Hackers Use YouTube Download Sites to Spread Proxyware

YouTube Proxyjacking Campaign Exploits Fake Video Download Sites

Cybercriminals have intensified their proxyjacking campaigns by targeting users of YouTube video download services, according to recent security research. This attack exploits fake YouTube-to-MP4 conversion websites to distribute proxyware malware, focusing on users seeking free online video conversion tools. The campaign reflects a major evolution in bandwidth

AI Fuels New Trends in Phishing Attacks

AI-Powered Phishing and Scams Transforming the Cybersecurity Landscape

The cybersecurity landscape is undergoing a major shift as artificial intelligence becomes a powerful tool for cybercriminals, reshaping traditional phishing and scam tactics. Unlike earlier phishing campaigns, which often contained obvious errors and warning signs, modern AI-driven attacks are sophisticated and challenging even for vigilant users to