Threat Actors

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques attackers used to avoid detection in a phishing campaign, including Morse code. Microsoft also detailed the workings of a phishing group that uses a ‘jigsaw puzzle’ technique plus unusual features like Morse code dashes and dots to hide its attacks. In this social-engineering campaign wherein the …

MosaicLoader malware targets cracked software via SEO poisoning

New MosaicLoader malware targets users who are searching for cracked software to download. Cybercriminals run ad campaigns in search engine results to boost their malicious links when users search for terms related to that cracked software. Cybersecurity researchers from Bitdefender on Tuesday published research on a previously undocumented malware strain dubbed “MosaicLoader” that singles out individuals …

Trickbot Malware Comeback using the new VNC module

On Monday, cybersecurity firm Bitdefender published a blog post on Trickbot malware that is using a new VNC module to spy on its victims. An updated VNC module has been discovered in Trickbot that seems to be in active development, as its maintainers are updating it at a very fast pace. This module is now delivered under …

Chinese hacking group IndigoZebra APT Targets Afghan Government

IndigoZebra APT targets the Afghan government with fake emails, abusing the Dropbox API to mask malicious traffic. On Thursday, Check Point Research (CPR) said that the Office of the President of Afghanistan, representing President Ashraf Ghani, is being used as a lure in spear-phishing emails designed to infiltrate government agencies in the country, of which a successful attack …

Suspected Pakistani hackers targeting the Indian Power company with ReverseRat

According to a new study, a threat actor suspected of having links with Pakistan is targeting the government and energy companies in the South and Central Asian regions to deploy a remote-access Trojan on infected Windows operating systems. “That’s why most of the organizations are showing signs of compromise were in …

Cybercriminals are Doing Microsoft Exchange Exploitation by installing Cryptojacking

Cybercriminals continue to exploit unpatched Microsoft Exchange servers. Cybersecurity investigators at Sophos report an unknown attacker trying to use the ProxyLogon exploit to deploy a malicious Monero crypto-miner onto Exchange servers, with the payload hosted on a compromised Exchange server. Cyber attackers are scanning the Internet for compromising Microsoft Exchange servers that can exploit …

NetWire and Remcos Trojan targeted US taxpayers

Investigators have analyzed an effective campaign targeting US taxpayers to distribute both NetWire and Remcos Trojans. Tax season is now here, and with US citizens submitting their forms before the April deadline, this is also a good time for attackers to run campaigns designed to take advantage of the annual requirement. Criminals run campaigns …

Attackers Targeting Unpatched Exchange Servers With DearCry Ransomware

Ransomware attackers are now targeting Exchange servers that haven’t received the patches that Microsoft released last week. According to the latest reports, cybercriminals are leveraging the heavily exploited ProxyLogon Exchange Server flaws to install a new strain of ransomware called “DearCry.” Microsoft is warning Exchange customers once again to apply the emergency patches it released last …

The Domestic Kitten hacking group has a threat to the Iranian regime

Investigators have revealed the internal functioning of the Domestic Kitten team’s surveillance operations. Domestic Kitten, also tracked as APT-C-50, is the leading opposition group (APT). First discovered in 2018, the APT has ties to the Iranian government and is linked to domestic violence “which could be detrimental to the stability of the Iranian state,” …

Plex Media servers are being actively abused for DDoS attacks

DDoS-for-hire services are actively abusing Plex Media Server systems as a UDP reflection/amplification vector in Distributed Denial of Service (DDoS) attacks. Cyber-security firm Netscout warns of new DDoS attack vectors. The company’s alert comes to warn owners of devices that ship with Plex Media Server, a web application for Windows, Mac, and Linux that’s usually used …
