Daily Cyber News


New Gmail Phishing Attack Steals Credentials via Login Flow

A sophisticated phishing campaign is actively targeting Gmail users by exploiting legitimate Microsoft Dynamics infrastructure to bypass security protections and steal user credentials. The scam begins with deceptive “New Voice Notification” emails, appearing to come from trusted voicemail services. These messages include spoofed sender details and prominent “Listen to Voicemail” buttons that redirect victims through […]


ImageMagick Vulnerabilities Trigger Memory Corruption, Overflows

Multiple ImageMagick Vulnerabilities Expose Users to Memory Corruption and Integer Overflow Risks. Security experts have identified four critical vulnerabilities in ImageMagick, one of the most popular open-source image processing tools, potentially putting millions of users at risk. Discovered by researcher “urban-warrior” and reported three days ago, the flaws include two high-risk issues that could allow


Hackers Exploit Microsoft Teams Requests for Remote Access

Hackers Pose as IT Teams to Exploit Microsoft Teams and Gain Remote Access. A newly discovered social engineering campaign run by the EncryptHub threat group combines impersonation techniques with technical exploitation to compromise enterprise systems. Researchers report that the Russian-linked group is disguising itself as IT support staff and using Microsoft Teams requests to gain


Palo Alto Releases Mega Malware Analysis Guide for Analysts

Palo Alto Networks Releases Comprehensive Malware Analysis Tutorial on Remcos RAT. Palo Alto Networks has published a highly detailed malware analysis tutorial, showcasing the dissection of a complex .NET-based loader that ultimately delivers the Remcos remote access trojan (RAT). Abuse of Legitimate Environments: The case underlines a growing threat trend: adversaries increasingly misuse legitimate development


Ransomware Groups Using Legit Tools with Malware to Evade Detection

Ransomware Groups Exploiting Legitimate Tools with Malware to Evade Detection. A newly identified ransomware operation known as Crypto24 is raising alarms in the cybersecurity community. Unlike traditional groups, Crypto24 demonstrates advanced tactics by combining legitimate administrative tools with custom malware, enabling precise attacks against high-value organizations. Global Targeting of Critical Sectors: The campaign has successfully


Hackers Use CrossC2 to Run Cobalt Strike on Linux, macOS

CrossC2 Expands Cobalt Strike Capabilities to Linux and macOS. A new advanced cyber campaign has surfaced, leveraging CrossC2, an unofficial extension of Cobalt Strike, to extend its functionality from Windows systems into Linux and macOS environments. Multi-Stage Attack Chain: Between September and December 2024, researchers observed a series of incidents involving this cross-platform malware, signaling


ERMAC V3.0 Banking Trojan Leak Exposes Malware Infrastructure

ERMAC V3.0 Banking Trojan Source Code Leak Unveils Malware Infrastructure. Cybersecurity experts have exposed the internal workings of the Android banking trojan ERMAC 3.0, revealing significant flaws in the attackers’ infrastructure. According to a report by Hunt.io, “The latest version 3.0 shows a major upgrade in the malware’s capabilities, extending its form injection and data


Taiwan Servers Hacked by UAT-7237 with Custom Tools

Taiwan Servers Compromised by UAT-7237 Using Advanced Custom Tools. A newly identified and sophisticated malware campaign is targeting Windows systems through a multi-stage attack framework named PS1Bot. This framework combines PowerShell and C# modules to execute extensive data theft operations while avoiding conventional detection methods. The PS1Bot malware represents an advanced shift in cyberattack tactics,


Taiwan Servers Hacked by UAT-7237 with Custom Tools

Taiwan Web Infrastructure Targeted by UAT-7237 Using Custom Hacking Tools. A Chinese-speaking advanced persistent threat (APT) group has been detected targeting Taiwan’s web infrastructure using tailored versions of open-source hacking tools, with the aim of maintaining long-term access inside high-value networks. Cisco Talos has linked this campaign


US Sanctions Garantex, Grinex Over $100M Crypto Ties

U.S. Targets Garantex and Grinex for Over $100 Million in Ransomware-Linked Crypto Transactions. The United States Department of the Treasury’s Office of Foreign Assets Control (OFAC) has renewed sanctions on the Russian cryptocurrency exchange Garantex, accusing it of processing over $100 million in transactions tied to ransomware groups and other cybercriminal activities since 2019. The
