Phishing Attacks Archives - GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Aman Mishra — Mon, 04 Nov 2024 12:40:55 +0000

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in various sectors. The attacks involve sending signed RDP configuration files to thousands of targets, aiming to compromise systems for intelligence gathering. The actor impersonates Microsoft employees and references other cloud providers to increase credibility, so users are advised to be […]

The post Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Hackers Abuse HTML Smuggling Technique To Deliver Sophisticated Phishing Page

Varshini — Fri, 27 Sep 2024 14:48:56 +0000

Phishing attackers employed an HTML smuggling technique to deliver a malicious payload, as the attack chain started with a phishing email mimicking an American Express notification, leading to a series of redirects. The final redirect pointed to a Cloudflare R2 public bucket hosting an HTML file, which loaded an external JavaScript code that contained a […]

The post Hackers Abuse HTML Smuggling Technique To Deliver Sophisticated Phishing Page appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Hackers Weaponizing PDF files To Deliver New SnipBot Malware

Aman Mishra — Thu, 26 Sep 2024 08:34:41 +0000

The RomCom malware family, particularly its SnipBot variant, has evolved into a sophisticated threat capable of ransomware, extortion, and targeted credential gathering. It employs various attack methods, including PDF-based downloaders and executable payloads, to compromise victim systems. The threat actors behind RomCom have been active since at least 2022 and utilize stolen or fraudulently obtained […]

The post Hackers Weaponizing PDF files To Deliver New SnipBot Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

UNC2970 Hackers Attacking Job Seekers Using Weaponized PDF Reader

Aman Mishra — Wed, 18 Sep 2024 11:46:24 +0000

UNC2970, a North Korean cyber espionage group, used customized SumatraPDF trojans to deliver MISTPEN backdoors to victims through phishing emails pretending to be job recruiters. The group targeted the energy and aerospace industries, copying job descriptions and engaging with victims via email and WhatsApp. It modifies job descriptions to target specific victims in U.S. critical […]

The post UNC2970 Hackers Attacking Job Seekers Using Weaponized PDF Reader appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Beware Of New Phishing Attack That Mimics ScreenConnect And Zoom

Divya — Tue, 03 Sep 2024 09:36:12 +0000

Zoom is a widely used videotelephony software used for virtual meetings, and its wide audience base attracts the hackers most. Cyble Research & Intelligence Labs (CRIL) has uncovered a sophisticated phishing operation targeting Zoom users. The scheme utilizes a fraudulent portal that looks like Zoom’s website to attract the victims to download a remote access […]

The post Beware Of New Phishing Attack That Mimics ScreenConnect And Zoom appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Threat Actots Leveraging ChatGPT To Craft Sophisticated Attacks

Aman Mishra — Mon, 29 Jul 2024 14:17:28 +0000

Adversaries are employing Large Language Models to generate malicious code, delivered via phishing emails, for downloading diverse payloads, including Rhadamanthys, NetSupport, CleanUpLoader, ModiLoader, LokiBot, and Dunihi. It indicates a concerning trend of threat actors leveraging AI to automate malware creation and distribution, posing significant challenges for cybersecurity defenses. A broad-spectrum cyberattack campaign leverages phishing emails […]

The post Threat Actots Leveraging ChatGPT To Craft Sophisticated Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Hackers Abusing Google Cloud For Phishing

Tushar Subhra — Tue, 23 Jul 2024 12:53:48 +0000

Threat actors often attack cloud services for several illicit purposes. Google Cloud is targeted due to its extensive and powerful resources, which could be abused for a multitude of malicious activities. The vast amounts of data and computing power that Google Cloud services provide often lure threat actors. Due to the complexity of cloud environments, […]

The post Hackers Abusing Google Cloud For Phishing appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Sticky Werewolf Weaponizing LNK Files Group Attacking To Attack Organizations

Aman Mishra — Sat, 08 Jun 2024 15:14:19 +0000

Sticky Werewolf, a cyber threat group, has shifted its targeting strategy from sending phishing emails with download links to malicious files to using archive attachments containing LNK files, which act as shortcuts to malicious executables hosted on WebDAV servers. When a user clicks on the LNK, a batch script is triggered, which in turn launches […]

The post Sticky Werewolf Weaponizing LNK Files Group Attacking To Attack Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Beware Of Phishing Emails Prompting Execution Via Paste (CTRL+V)

Sneka — Wed, 05 Jun 2024 11:52:55 +0000

Phishing attackers are distributing malicious HTML files as email attachments, containing code designed to exploit users by prompting them to directly paste and execute the code, which leverages social engineering, as users are tricked into running the malicious code themselves by pasting it into a vulnerable application. A phishing campaign uses social engineering tactics by […]

The post Beware Of Phishing Emails Prompting Execution Via Paste (CTRL+V) appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

New Android Malware Mimic As Social Media Apps Steals Sensitive Data

Eswar — Tue, 30 Apr 2024 09:44:25 +0000

A new RAT malware has been discovered to be targeting Android devices. This malware is capable of executing additional commands compared to other RAT malware. This malware can also perform phishing attacks by disguising itself as legitimate applications like Snapchat, Instagram, WhatsApp, Twitter, and Google to harvest credentials from the victim. Sonicwall’s further investigation found […]

The post New Android Malware Mimic As Social Media Apps Steals Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.