Cyber Attack
CRON#TRAP Campaign Attacks Windows Machine With Weaponized Linux Virtual Machine
Weaponized Linux virtual machines are used for offensive cybersecurity purposes, such as "penetration testing" or "exploiting vulnerabilities."These setups often use the tools and frameworks that are designed for ethical...
Cyber Attack
APT36 Hackers Attacking Windows Deevices With ElizaRAT
APT36, a sophisticated threat actor, has been actively targeting Indian entities with advanced malware like ElizaRAT, which is designed for espionage. It leverages cloud-based...
Cyber Attack
Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit
The Evasive Panda group deployed a new C# framework named CloudScout to target a Taiwanese government entity in early 2023, which leverages three modules,...
Cyber Attack
Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files
Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in various sectors.The attacks involve sending signed RDP configuration...
Cyber Attack
Russia, Iran, And China Influence U.S. Elections, Microsoft Warns
The researchers have observed consistent efforts by Russia, Iran, and China to exert foreign influence on democratic processes in the United States. Recent U.S. government...
CVE/vulnerability
A Massive Hacking Toolkit From “You Dun” Threat Group Developed To Lauch Massive Cyber Attack
The "You Dun" hacking group exploited vulnerable Zhiyuan OA software using SQL injection, leveraging tools like WebLogicScan, Vulmap, and Xray for reconnaissance.They further...
Cyber Attack
Russian Hackers Attacking Ukraine Military With Malware Via Telegram
Researchers discovered a Russian-linked threat actor, UNC5812, utilizing a Telegram persona named "Civil Defense. "This persona has been distributing Windows and Android malware...
Cyber Attack
Notorious WrnRAT Delivered Mimic As Gambling Games
WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games like Badugi, Go-Stop, and Hold'em to disguise itself as...
Cyber Attack
ClickFix Malware Infect Website Visitors Via Hacked WordPress Websites
Researchers have identified a new variant of the ClickFix fake browser update malware distributed through malicious WordPress plugins.These plugins, disguised as legitimate tools,...
Cyber Attack
IcePeony Hackers Exploiting Public Web Servers To Inject Webshells
IcePeony, a China-nexus APT group, has been active since 2023, targeting India, Mauritius, and Vietnam by exploiting SQL injection vulnerabilities to compromise systems using...
Botnet
Russia-Linked Hackers Attacking Governmental And Political Organizations
Two pro-Russian threat actors launched a distributed denial-of-service (DDoS) attack campaign against Japanese organizations on October 14, 2024.The campaign targeted logistics, manufacturing, government,...