Tag: social-engineering
-
Threat Actors Distribute CoinMiner Malware through USB Drives to Infect Workstations
Tags: crypto, cyber, cybercrime, detection, exploit, infection, intelligence, malware, social-engineering, threat
Cybercriminals continue to exploit USB drives as infection vectors, with recent campaigns delivering sophisticated CoinMiner malware that establishes persistent cryptocurrency-mining operations on compromised workstations. Security researchers have documented an evolving threat that leverages social engineering and evasion techniques to avoid detection while mining Monero cryptocurrency on infected systems. In February 2025, AhnLab Security Intelligence Center…
-
MuddyWater Hackers Use UDPGangster Backdoor to Bypass Network Defenses on Windows
The MuddyWater threat group has escalated its cyber espionage operations by deploying UDPGangster, a sophisticated UDP-based backdoor designed to infiltrate Windows systems while systematically evading traditional network defenses. Recent intelligence gathered by FortiGuard Labs reveals coordinated campaigns targeting high-value victims across Turkey, Israel, and Azerbaijan, employing social engineering tactics paired with advanced anti-analysis techniques that…
-
Russian Hackers Imitate European Events in Coordinated Phishing Campaigns
Tags: authentication, cloud, conference, cyber, cybersecurity, email, google, government, hacker, microsoft, phishing, russia, social-engineering
Russian state-linked hackers are impersonating high-profile European security conferences to compromise cloud email and collaboration accounts at governments, think tanks, and policy organizations, according to new research from cybersecurity firm Volexity. The campaigns, active through late 2025, abuse legitimate Microsoft and Google authentication workflows and rely on painstaking social engineering to trick victims into effectively…
-
Threat Actors Exploit Foxit PDF Reader to Seize System Access and Steal Data
A sophisticated malware campaign is leveraging a weaponized Foxit PDF Reader to target job seekers through email-based attacks, deploying ValleyRAT. This remote access trojan grants threat actors complete system control and data exfiltration capabilities. Security researchers have identified a significant uptick in this campaign, which combines social engineering, obfuscation techniques, and dynamic-link library (DLL) sideloading…
-
Submarine cable cybersecurity: protecting critical infrastructure
Tags: 5G, ai, awareness, business, cloud, compliance, computing, control, cyber, cybersecurity, data, detection, framework, google, government, infrastructure, intelligence, international, Internet, iot, microsoft, network, resilience, risk, service, social-engineering, software, technology, threat, tool, training
think tank Atlantic Council identifies several trends that threaten the security of submarine cables. On the one hand, linked to the geostrategic issue, the presence of authoritarian governments are reshaping the internet’s physical layout through companies that control internet infrastructure, to route data more favorably, interrupting the provision of services or taking advantage of infrastructures…
-
Smashing Security podcast #446: A hacker doxxes himself, and social engineering-as-a-service
A teenage cybercriminal posts a smug screenshot to mock a sextortion scammer… and accidentally hands over the keys to his real-world identity. Meanwhile, we look into the crystal ball for 2026 and consider how stolen data is now the jet fuel of cybercrime and how next year could be even nastier than 2025. First seen…
-
Hackers ready threat campaign aimed at Zendesk environments
Researchers warn that hackers linked to recent social engineering attacks are targeting customer service environments. First seen on cybersecuritydive.com. Jump to article: www.cybersecuritydive.com/news/hackers-threat-campaign-zendesk-environments/806666/
-
Contagious Interview attackers go ‘full stack’ to fool developers
Tags: attack, control, credentials, crypto, data, endpoint, exploit, github, infrastructure, intelligence, macOS, malicious, malware, open-source, social-engineering, supply-chain, theft, threat, update, windows, worm
Coding tasks lead to malware delivery: These defensive measures are effective because Contagious Interview’s entry vector relies heavily on social engineering, using fake interview tasks to trick developers into installing compromised dependencies. The campaign exploits NPM, a widely used package registry for JavaScript and Node.js, by publishing packages that appear benign but carry hidden payloads. The…
-
Threat Actors Exploit Calendar Subscriptions for Phishing and Malware Delivery
BitSight research has revealed how threat actors exploit calendar subscriptions to deliver phishing links, malware and social engineering attacks through hijacked domains. First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/threat-actors-exploit-calendar-subs/
-
OpenAI service provider hacked
Cybercriminals have broken into the system of OpenAI's data analytics provider. According to a statement from OpenAI, cybercriminals gained access to the systems of the analytics service Mixpanel in early November. Data belonging to API users was reportedly taken in the process. The following information may be affected: name on the API account, email addresses linked to the API account, approximate location based on the API user's browser (city,…
-
AI browsers can be tricked with malicious prompts hidden in URL fragments
Tricking users into clicking poisoned links: HashJack is essentially a social engineering attack because it relies on tricking users to click on specially crafted URLs inside emails, chats, websites, or documents. However, this attack can be highly credible because it points to legitimate websites. For example, imagine a spoofed email that claims to be from a…
-
New ClickFix campaign uses fake Windows updates
Tags: captcha, cyberattack, endpoint, group, malware, monitoring, phishing, powershell, social-engineering, update, windows
Cybercriminals are using a fake Windows Update page to attack employees. Researchers at security vendor Huntress recently came across a new ClickFix campaign that targets employees in companies. According to the research report, the attackers hid their malware in the pixels of an image that imitates a Windows Update page. There, users are prompted to click Run so that a malicious command…
-
Hackers Trick macOS Users into Running Terminal Commands to Install FlexibleFerret Malware
Tags: cyber, hacker, jobs, macOS, malicious, malware, north-korea, social-engineering, tactics, threat
North Korean-aligned threat actors are leveraging convincing fake job recruitment websites to deceive macOS users into executing malicious Terminal commands that deliver the FlexibleFerret malware, according to recent analysis from Jamf Threat Labs. The campaign, attributed to the Contagious Interview operation, represents a refined iteration of social engineering tactics designed to bypass macOS security protections,…
-
Gamayun APT Exploits New MSC EvilTwin Vulnerability to Deliver Malicious Payloads
Tags: apt, cyber, exploit, group, infrastructure, malicious, microsoft, powershell, social-engineering, threat, vulnerability, windows
Water Gamayun, a Russia-aligned advanced persistent threat (APT) group, has launched a new multi-stage intrusion campaign that weaponizes the recently disclosed MSC EvilTwin vulnerability in Windows Microsoft Management Console (MMC). Leveraging a blend of compromised infrastructure, social engineering, and heavily obfuscated PowerShell, the attackers exploited CVE-2025-26633 to inject malicious code into mmc.exe, ultimately delivering hidden…
-
Zscaler Threat Hunting Discovers and Reconstructs a Sophisticated Water Gamayun APT Group Attack
Tags: access, apt, attack, backdoor, cloud, control, credentials, cve, data, detection, exploit, government, group, infrastructure, intelligence, malicious, malware, network, open-source, password, powershell, risk, russia, social-engineering, supply-chain, tactics, theft, threat, tool, vulnerability, windows, zero-day, zero-trust
This blog is intended to share an in-depth analysis of a recent multi-stage attack attributed to the Water Gamayun advanced persistent threat group (APT). Drawing on telemetry, forensic reconstruction, and known threat intelligence, the Zscaler Threat Hunting team reconstructed how a seemingly innocuous web search led to a sophisticated exploitation of a Windows MMC vulnerability,…
-
FraudWeek: How organizations protect themselves against fraud and phishing
Every year, International Fraud Awareness Week calls on companies, public institutions and users to take a closer look at the risks of fraud, social engineering and other forms of digital manipulation. Launched in 2000, the initiative aims to raise awareness worldwide of how fraud schemes evolve, how attackers … human…
-
DPRK’s FlexibleFerret Tightens macOS Grip
The actor behind the Contagious Interview campaign is continuing to refine its tactics and social engineering scams to wrest credentials from macOS users. First seen on darkreading.com. Jump to article: www.darkreading.com/cyberattacks-data-breaches/dprks-flexibleferret-tightens-macos-grip
-
ClickFix Attack Uses Steganography to Hide Malware in Fake Windows Security Update
Cybersecurity researchers at Huntress have uncovered a sophisticated ClickFix campaign that leverages steganography to conceal malicious code within PNG images disguised as Windows Update screens. The attack chain delivers multiple variants of information-stealing malware, including LummaC2 and Rhadamanthys, through a deceptive social engineering technique that tricks users into executing commands via the Windows Run prompt.…
-
3 SOC Challenges You Need to Solve Before 2026
2026 will mark a pivotal shift in cybersecurity. Threat actors are moving from experimenting with AI to making it their primary weapon, using it to scale attacks, automate reconnaissance, and craft hyper-realistic social engineering campaigns. The Storm on the Horizon: Global world instability, coupled with rapid technological advancement, will force security teams to adapt not just their…
-
CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users
Tags: access, cisa, cyber, cybersecurity, infrastructure, mobile, social-engineering, spyware, unauthorized
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday issued an alert warning of bad actors actively leveraging commercial spyware and remote access trojans (RATs) to target users of mobile messaging applications. “These cyber actors use sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to a victim’s messaging app, First…
-
The Changing Threat Landscape for Retailers: Why is data security working harder than last year?
Tags: access, ai, api, application-security, attack, automation, breach, business, cloud, compliance, container, control, credentials, cyber, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, exploit, finance, GDPR, hacker, ibm, incident, intelligence, Internet, malicious, malware, monitoring, PCI, phishing, privacy, programming, ransom, ransomware, regulation, risk, risk-management, saas, security-incident, service, social-engineering, software, strategy, supply-chain, tactics, threat, tool, unauthorized, vulnerability
madhav Thu, 11/20/2025 – 08:37 It’s the 2025 holiday shopping season, and retailers everywhere are geared up for the rush of online customers. From late November to January, which includes Black Friday, Cyber Monday, Christmas shopping, and end-of-season sales, is…
-
TamperedChef Campaign Exploits Everyday Apps to Deploy Malware and Enable Remote Access
The Acronis Threat Research Unit has uncovered a sophisticated global malvertising campaign called TamperedChef that disguises malware as legitimate everyday applications to compromise systems worldwide. The operation uses social engineering, search engine optimization tactics, and fraudulently obtained digital certificates to trick users into installing backdoors that grant attackers remote access and control over infected machines.…

