Malware

Fake CrowdStrike Recruiters Distribute Cryptominer Via Phishing Emails

3 minute read

Fake CrowdStrike Recruiters Distribute Malware Via Phishing Emails

SUMMARY Cybercriminals are deploying a tricky new phishing campaign impersonating the cybersecurity firm CrowdStrike‘s recruiters to distribute a…

byDeeba Ahmed

January 11, 2025

3 minute read

Fake PoC Exploit Targets Cybersecurity Researchers with Malware

A fake proof-of-concept (PoC) exploit designed to lure cybersecurity researchers into downloading malicious software. This deceptive tactic leverages a recently patched critical vulnerability in Microsoft's Windows LDAP service (CVE-2024-49113), which can cause denial-of-service attacks.

byDeeba Ahmed

January 11, 2025

Muddling Meerkat Linked to Domain Spoofing Tactics in Global Spam Scams

3 minute read

Security

Muddling Meerkat Linked to Domain Spoofing in Global Spam Scams

Infoblox cybersecurity researchers investigating the mysterious activities of 'Muddling Meerkat' unexpectedly uncovered widespread use of domain spoofing in malicious spam campaigns.

byDeeba Ahmed

January 11, 2025

3 minute read

Thousands of Live Hacker Backdoors Found in Expired Domains

SUMMARY Cybersecurity researchers at watchTowr have identified over 4,000 live hacker backdoors, exploiting abandoned infrastructure and expired domains.…

byWaqas

January 9, 2025

3 minute read

New FireScam Infostealer Spyware Hits Android via Fake Telegram Premium

Researchers at Cyfirma have discovered FireScam, an Android malware disguised as 'Telegram Premium' that steals data, monitors activity, and infiltrates devices. Learn about its distribution, functionality, and the impact on user privacy.

byDeeba Ahmed

January 4, 2025

3 minute read

NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT

Researchers discovered a malicious package on the npm package registry that resembles a library for Ethereum smart contract vulnerabilities but actually drops an open-source remote access trojan called Quasar RAT onto developer systems.

byDeeba Ahmed

January 3, 2025

SquareX Researchers Expose OAuth Attack on Chrome Extensions Days Before Major Breach

4 minute read

Press Release

SquareX Researchers Expose OAuth Attack on Chrome Extensions Days Before Major Breach

SquareX warns of OAuth attacks targeting Chrome extensions, exposing users to session hijacking and data theft. Secure your browser with proactive BDR solutions.

byCyberNewswire

December 30, 2024

5 minute read

Secure Gaming During the Holidays

Secure Gaming during holidays is essential as cyberattacks rise by 50%. Protect accounts with 2FA, avoid fake promotions,…

byOwais Sultan

December 28, 2024

3 minute read

FICORA, CAPSAICIN Botnets Exploit Old D-Link Router Flaws for DDoS Attacks

Mirai and Keksec botnet variants are exploiting critical vulnerabilities in D-Link routers. Learn about the impact, affected devices, and how to protect yourself from these attacks.

byDeeba Ahmed

December 28, 2024

3 minute read

Python Malware in Zebo-0.1.0 and Cometlogger-0.1 Found Stealing User Data

Fortinet discovers two malicious Python packages, Zebo-0.1.0 and Cometlogger-0.1, designed to steal data, capture keystrokes, and gain system control. Learn about their malicious behavior and how to protect yourself

byDeeba Ahmed

December 24, 2024

The Latest

Belsen Group Leaks 15,000+ FortiGate Firewall Configurations

Fintech Bill Pay Platform “Willow Pays” Exposes Over 240,000 Records

Telegram-Based “Sneaky 2FA” Phishing Kit Targets Microsoft 365 Accounts

Hackers Claim Breach of Hewlett Packard Enterprise, Lists Data for Sale

Malware

Fake CrowdStrike Recruiters Distribute Malware Via Phishing Emails

Fake PoC Exploit Targets Cybersecurity Researchers with Malware

Muddling Meerkat Linked to Domain Spoofing in Global Spam Scams

Thousands of Live Hacker Backdoors Found in Expired Domains

New FireScam Infostealer Spyware Hits Android via Fake Telegram Premium

NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT

SquareX Researchers Expose OAuth Attack on Chrome Extensions Days Before Major Breach

Secure Gaming During the Holidays

FICORA, CAPSAICIN Botnets Exploit Old D-Link Router Flaws for DDoS Attacks

Python Malware in Zebo-0.1.0 and Cometlogger-0.1 Found Stealing User Data

Aembit Announces Speaker Lineup for the Inaugural NHIcon

Sweet Security Introduces Patent-Pending LLM-Powered Detection Engine, Reducing Cloud Detection Noise to 0.04%

Wultra Secures €3M to Protect Financial Institutions from Quantum Threats

Criminal IP Launches Real-Time Phishing Detection Tool on Microsoft Marketplace

Security Risk Advisors joins the Microsoft Intelligent Security Association