Tag: malicious
-
Malicious PDFs Responsible for 22% of All Email-Based Cyber Threats
Malicious PDF files have emerged as a dominant threat vector in email-based cyberattacks, accounting for 22% of all malicious email attachments, according to a recent report by Check Point Research. With over 87% of organizations relying on PDFs for business communication, the ubiquitous file format has become a prime target for cybercriminals, who exploit its…
-
Halo ITSM Vulnerability Lets Attackers Inject Malicious SQL Code
A critical security flaw has been discovered inHalo ITSM, an IT support management software widely deployed across cloud and on-premise environments. The vulnerability, which allows attackers to inject malicious SQL code, poses a significant threat to organizations relying on the software to manage IT support tickets containing sensitive data such as credentials and internal documentation.…
-
Texas city warns thousands of utility payment site breach
At least 12,000 people in Texas had sensitive financial information stolen by hackers who secretly implanted malicious code into the utility payment website of the City of Lubbock. First seen on therecord.media Jump to article: therecord.media/texas-city-warns-thousands-of-utility-site-breach
-
One mighty fine-looking report
Hazel highlights the key findings within Cisco Talos’ 2024 Year in Review (now available for download) and details our active tracking of an ongoing campaign targeting users in Ukraine with malicious LNK files. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/one-mighty-fine-looking-report/
-
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware
Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials.”These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hosting services and business profile pages to avoid detection,” Microsoft said in a report shared with…
-
Operation HollowQuill Uses Malicious PDFs to Target Academic and Government Networks
A newly uncovered cyber-espionage campaign, dubbed Operation HollowQuill, has been identified as targeting academic, governmental, and defense-related networks in Russia using weaponized PDF documents. The operation, tracked by SEQRITE Labs APT-Team, leverages decoy research invitations to infiltrate systems associated with the Baltic State Technical University (BSTU “VOENMEKH”), a key institution for defense and aerospace research…
-
AI-Powered Gray Bots Target Web Applications with Over 17,000 Requests Per Hour
Web applications are facing a growing challenge from >>gray bots,
-
Hackers Actively Scanning for Juniper Smart Routers Using Default Passwords
Recent cybersecurity findings reveal an alarming increase in malicious activity targeting Juniper’s Session Smart Networking Platform (SSR). According to SANS tech reports, Attackers are focusing their efforts on exploiting devices using the default credentials, >>t128>128tRoutes
-
Beware fake AutoCAD, SketchUp sites dropping malware
Malware peddlers are saddling users with the TookPS downloader and the Lapmon and TeviRat backdoors via malicious sites that mimic official ones and ostensibly offer … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/03/fake-autocad-sketchup-malware/
-
Cyber Command touts AI-driven gains in cybersecurity, network monitoring
Executive Director Morgan Adamski said the agency’s use of generative AI tools has reduced the timeframe for analyzing malicious traffic from days and weeks to hours and minutes. First seen on cyberscoop.com Jump to article: cyberscoop.com/cyber-command-ai-gains-cybersecurity-network-monitoring/
-
Redefining Insider Risk in a Perimeterless World
OFX CISO Santanu Lodh on the Changing Nature of Insider Threats. The profile of insider risk has changed over a period of time, said Santanu Lodh, CISO at OFX. It is no longer confined to malicious intent. He explains how shifting workforce models, third-party engagement and evolving technology demand continuous monitoring and rethinking of security…
-
Hackers Use DeepSeek and Remote Desktop Apps to Deploy TookPS Malware
A recent investigation by cybersecurity researchers has uncovered a large-scale malware campaign leveraging the DeepSeek LLM and popular remote desktop applications to distribute the Trojan-Downloader.Win32.TookPS malware. The attackers targeted both individual users and organizations by disguising malicious software as legitimate business tools, including UltraViewer, AutoCAD, and SketchUp. Malicious Infrastructure and Infection Chain The TookPS malware…
-
Hackers Exploit Cloudflare for Advanced Phishing Attacks
A sophisticated phishing campaign orchestrated by a Russian-speaking threat actor has been uncovered, revealing the abuse of Cloudflare services and Telegram for malicious purposes. Researchers at Hunt.io have identified this new wave of attacks, which employs Cloudflare-branded phishing pages and advanced tactics to evade detection. The campaign utilizes Cloudflare’s Pages.dev and Workers.dev platforms typically used…
-
Check Point Software confirms security incident but pushes back on threat actor claims
A malicious hacker recently offered to sell the security firm’s sensitive customer information. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/check-point-software-security-incident/744198/
-
Stripe API Skimming Campaign Unveils New Techniques for Theft
A novel skimming attack has been observed by Jscramber, using the Stripe API to steal payment information by injecting malicious scripts into pages First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/stripe-api-skimming-campaign-new/
-
Threat-informed defense for operational technology: Moving from information to action
Tags: access, ai, attack, automation, blueteam, cloud, control, crime, cyber, cyberattack, cybercrime, cybersecurity, data, defense, detection, exploit, finance, fortinet, framework, group, incident response, infrastructure, intelligence, law, malicious, malware, mitre, network, phishing, PurpleTeam, ransomware, RedTeam, resilience, risk, service, soar, strategy, tactics, technology, threat, tool, usaThe rise of cybercrime-as-a-service Today’s macro threat landscape is a flourishing ecosystem of cybercrime facilitated by crime-as-a-service (CaaS) models. Cybercriminal networks now operate like legitimate businesses, with specialized units dedicated to activities such as money laundering, malware development, and spear phishing. This ecosystem lowers the barrier to entry for cybercrime, enabling low-skilled adversaries to launch…
-
Canon Printer Drivers Flaw Could Let Hackers Run Malicious Code
A critical vulnerability (CVE-2025-1268) in Canon printer drivers allows remote code execution. See which drivers are affected, how to patch them. First seen on hackread.com Jump to article: hackread.com/canon-printer-drivers-flaw-hackers-run-malicious-code/
-
Google fixes GCP flaw that could expose sensitive container images
run.services.update and iam.serviceAccounts.actAspermissions they could modify a Cloud Run service and deploy a new revision.”In doing so, they could specify (through malicious code injection) any private container image stored in a victim’s registries, Matan added.According to a Tenable statement to CSO, an attacker could use this vulnerability for data theft or espionage in a real-world…
-
QR Code Phishing (Quishing) Attack Your Smartphones To Steal Microsoft Accounts Credentials
Cybersecurity researchers have identified a growing trend in phishing attacks leveraging QR codes, a tactic known as >>quishing.
-
Hackers Exploit Microsoft Teams Messages to Deliver Malware
Tags: attack, corporate, credentials, cyber, cybersecurity, defense, exploit, hacker, malicious, malware, microsoft, powershell, tactics, vulnerabilityCybersecurity experts have uncovered a new malware campaign targeting Microsoft Teams users to infiltrate corporate systems. By exploiting the platform’s communication vulnerabilities and leveraging malicious PowerShell scripts, attackers bypassed traditional defenses, delivering malware capable of stealing credentials and establishing persistent backdoors. The attack demonstrates an alarming evolution in malware delivery tactics through trusted collaboration platforms.…
-
Ransomware Threatens 93% of Industries”, Resilience Is Critical
Tags: breach, business, cyber, data, data-breach, malicious, ransomware, resilience, software, threatRansomware continues to be one of the most disruptive cyber threats, with recent data revealing that it affects 93% of industries globally. According to Verizon’s 2024 Data Breach Investigations Report, ransomware is implicated in one-third of all data breaches, underscoring its widespread impact across sectors. This malicious software encrypts critical business data and demands payment…
-
KoiLoader Exploits PowerShell Scripts to Drop Malicious Payloads
Cybersecurity experts at eSentire’s Threat Response Unit (TRU) uncovered a sophisticated malware campaign leveraging KoiLoader, a malicious loader designed to deploy information-stealing payloads. This campaign utilized PowerShell scripts and obfuscation techniques to bypass security measures and infect systems. The investigation revealed a multi-stage infection chain, highlighting the evolving tactics of cybercriminals. Infection Chain and Delivery…