Tag: tactics

Hackers Exploit Cybersquatting Tactics to Spread Malware and Steal Sensitive Information

Feb 7, 2026 7:13 AM

Tags: cyber, cybersecurity, exploit, hacker, malware, network, tactics

Digital squatting has evolved from a simple trademark nuisance into a dangerous cybersecurity threat. In 2025, the World Intellectual Property Organization (WIPO) handled a record-breaking 6,200 domain name disputes. This figure continues a troubling trend, with cybersquatting cases rising by 68% since the 2020 pandemic. Today, criminal networks use these fake domains not just to…
Transparent Tribe Hacker Group Targets India’s Startup Ecosystem in Cyber Attack

Feb 6, 2026 3:14 PM

Tags: attack, cyber, defense, government, group, hacker, india, startup, tactics, threat

A worrying shift in the tactics of >>Transparent Tribe,<< a notorious threat group also known as APT36. Historically focused on Indian government, defense, and educational sectors, the group has now expanded its scope to target India's growing startup ecosystem. This new campaign uses sophisticated lures themed around real startup founders to infect victims with the…
Cyberattackers Use Fake RTO Challan Alerts to Spread Android Malware

Feb 5, 2026 3:14 PM

Tags: android, cyber, data, government, india, infrastructure, malware, office, service, social-engineering, tactics

Indian users’ trust in government services through a sophisticated Android malware campaign that impersonates Regional Transport Office (RTO) challan notifications. This campaign represents an evolution from previous RTO-themed malware, featuring advanced anti-analysis techniques, a modular three-stage architecture, and a structured backend infrastructure for data collection and remote operations. The malware spreads through social engineering tactics,…
ShadowSyndicate Leverages Server Transition Technique in Latest Ransomware Attacks

Feb 5, 2026 3:14 PM

Tags: attack, cyber, cybercrime, infrastructure, ransomware, tactics, threat

ShadowSyndicate, a sophisticated cybercrime cluster first identified in 2023, has evolved its infrastructure management tactics by implementing a previously unreported server transition technique. This method involves rotating SSH fingerprints across multiple servers to obscure operational continuity. However, operational security (OPSEC) errors have allowed researchers to trace these connections.”‹ The threat actor orchestrates large server clusters…
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

Feb 5, 2026 1:24 PM

Tags: control, group, hacker, infrastructure, Internet, iran, tactics, threat

The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coinciding with the end of the widespread internet blackout the regime imposed at the start of the month.”The threat actor stopped maintaining its…
Microsoft and Google Platforms Abused in New Enterprise Cyberattacks

Feb 4, 2026 9:13 AM

Tags: attack, cloud, cyber, cyberattack, defense, google, infrastructure, malicious, microsoft, phishing, service, tactics, threat

A dangerous shift in phishing tactics, with threat actors increasingly hosting malicious infrastructure on trusted cloud platforms like Microsoft Azure, Google Firebase, and AWS CloudFront. Unlike traditional phishing campaigns that rely on newly registered suspicious domains, these attacks leverage legitimate cloud services to bypass security defenses and target enterprise users globally. When malicious content is…
The Paramilitary ICE and CBP Units at the Center of Minnesota’s Killings

Feb 3, 2026 10:14 PM

Tags: tactics

Two agents involved in the shooting deaths of US citizens in Minneapolis are reportedly part of highly militarized DHS units whose extreme tactics are generally reserved for war zones. First seen on wired.com Jump to article: www.wired.com/story/ice-cbp-srt-bortac-units-immigration-operations/
Malicious Google Play App With 50K+ Downloads Spreads Anatsa Banking Trojan

Feb 3, 2026 11:13 AM

Tags: banking, cyber, finance, google, malicious, malware, social-engineering, tactics

A malicious application on the Google Play Store masquerading as a legitimate document reader. The deceptive application, which has accumulated over 50,000 downloads, functions as a dropper for the notorious Anatsa banking trojan, a sophisticated malware strain known for targeting financial institutions and compromising user banking credentials. The malicious app leverages social engineering tactics by…
Hydra Tactics: North Korea’s LABYRINTH CHOLLIMA Splits to Hunt Crypto Secrets

Feb 3, 2026 5:13 AM

Tags: crypto, korea, north-korea, tactics

The post Hydra Tactics: North Korea’s LABYRINTH CHOLLIMA Splits to Hunt Crypto Secrets appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/hydra-tactics-north-koreas-labyrinth-chollima-splits-to-hunt-crypto-secrets/
DynoWiper Malware Targets Energy Firms in Destructive Data-Wiping Attacks

Feb 2, 2026 11:14 PM

Tags: attack, cyber, data, malware, tactics, ukraine

A new data-wiping malware dubbed DynoWiper, deployed against an energy company in Poland in late December 2025. The malware’s tactics, techniques, and procedures closely mirror those observed in earlier ZOV wiper incidents in Ukraine, prompting ESET to attribute DynoWiper to Sandworm with medium confidence. Unlike ZOV, which carries a high-confidence Sandworm attribution, the lower confidence…
ShinyHunters escalates tactics in extortion campaign linked to Okta environments

Feb 2, 2026 7:13 PM

Tags: access, extortion, okta, social-engineering, tactics

Researchers are tracking multiple clusters that are using social engineering to gain access to victims. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/shinyhunters-tactics-extortion-okta-environ/811112/
ShinyHunters escalates tactics in extortion campaign linked to Okta environments

Feb 2, 2026 7:13 PM

Tags: access, extortion, okta, social-engineering, tactics

Researchers are tracking multiple clusters that are using social engineering to gain access to victims. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/shinyhunters-tactics-extortion-okta-environ/811112/
ShinyHunters escalates tactics in extortion campaign linked to Okta environments

Feb 2, 2026 7:13 PM

Tags: access, extortion, okta, social-engineering, tactics

Researchers are tracking multiple clusters that are using social engineering to gain access to victims. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/shinyhunters-tactics-extortion-okta-environ/811112/
ShinyHunters Leads Surge in Vishing Attacks to Steal SaaS Data

Feb 2, 2026 6:13 PM

Tags: access, attack, cloud, credentials, data, extortion, group, mandiant, mfa, saas, tactics, threat

Several threat clusters are using vishing in extortion campaigns that include tactics that are consistent with those used by high-profile threat group ShinyHunters. They are stealing SSO and MFA credentials to access companies’ environments and steal data from cloud applications, according to Mandiant researchers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/shinyhunters-leads-surge-in-vishing-attacks-to-steal-saas-data/
Google Uncovers Major Expansion in ShinyHunters Threat Activity Using New Tactics

Feb 2, 2026 11:13 AM

Tags: authentication, corporate, credentials, cyber, cybercrime, extortion, google, identity, mfa, phishing, service, software, tactics, threat

A substantial expansion in cybercrime operations using tactics consistent with ShinyHunters-branded extortion campaigns. These sophisticated operations employ advanced voice phishing (vishing) and victim-branded credential harvesting websites to compromise corporate environments by stealing single sign-on (SSO) credentials and multi-factor authentication (MFA) codes. While the methodology of targeting identity providers and Software-as-a-Service (SaaS) platforms remains consistent with…
A Head Start on Emerging Vulnerabilities with The Pentest Tool You Need!

Jan 30, 2026 5:22 PM

Tags: ai, cybersecurity, detection, malicious, penetration-testing, tactics, tool, vulnerability

The world of cybersecurity is undergoing a seismic shift. In 2026, AI-driven pentest tools are set to redefine how we approach vulnerability detection and exploitation. The conventional pentesting methods, which have served as the backbone of security assessments for decades, cannot be replaced, but given the hi-tech tactics of the malicious contemporaries, these tools simply……
Helpdesk Impersonation: A High-Risk Social Engineering Attack

Jan 30, 2026 11:28 AM

Tags: attack, risk, social-engineering, tactics, threat, unauthorized

With organizations becoming more digitally interconnected, threat actors are placing greater emphasis on manipulating people instead of breaching systems directly. One of the most deceptive and damaging tactics is helpdesk impersonation, a form of social engineering in which attackers pose as legitimate users or trusted personnel to manipulate support staff into granting unauthorized access…. First…
ShinyHunters ramp up new vishing campaign with 100s in crosshairs

Jan 30, 2026 5:21 AM

Tags: advisory, attack, authentication, breach, communications, control, credentials, cybercrime, cybersecurity, data, data-breach, finance, google, group, hacker, hacking, infrastructure, intelligence, login, mfa, microsoft, mobile, okta, phishing, phone, saas, security-incident, social-engineering, tactics, theft, tool, unauthorized

<img loading="lazy" decoding="async" src="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?w=1024" alt="ShinyHunters data dump" class="wp-image-4124689" srcset="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?quality=50&strip=all 2260w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=300%2C182&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=768%2C466&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1024%2C621&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1536%2C931&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=2048%2C1241&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1150%2C697&quality=50&strip=all 1150w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=277%2C168&quality=50&strip=all 277w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=139%2C84&quality=50&strip=all 139w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=792%2C480&quality=50&strip=all 792w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=594%2C360&quality=50&strip=all 594w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=412%2C250&quality=50&strip=all 412w” width=”1024″ height=”621″ sizes=”auto, (max-width: 1024px) 100vw, 1024px” /> CSOIn operation since 2020, ShinyHunters, also tracked as UNC6040, has stolen data from many well-known…
ShinyHunters ramp up new vishing campaign with 100s in crosshairs

Jan 30, 2026 5:21 AM

Tags: advisory, attack, authentication, breach, communications, control, credentials, cybercrime, cybersecurity, data, data-breach, finance, google, group, hacker, hacking, infrastructure, intelligence, login, mfa, microsoft, mobile, okta, phishing, phone, saas, security-incident, social-engineering, tactics, theft, tool, unauthorized

<img loading="lazy" decoding="async" src="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?w=1024" alt="ShinyHunters data dump" class="wp-image-4124689" srcset="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?quality=50&strip=all 2260w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=300%2C182&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=768%2C466&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1024%2C621&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1536%2C931&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=2048%2C1241&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1150%2C697&quality=50&strip=all 1150w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=277%2C168&quality=50&strip=all 277w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=139%2C84&quality=50&strip=all 139w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=792%2C480&quality=50&strip=all 792w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=594%2C360&quality=50&strip=all 594w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=412%2C250&quality=50&strip=all 412w” width=”1024″ height=”621″ sizes=”auto, (max-width: 1024px) 100vw, 1024px” /> CSOIn operation since 2020, ShinyHunters, also tracked as UNC6040, has stolen data from many well-known…
ICE Pretends It’s a Military Force. Its Tactics Would Get Real Soldiers Killed

Jan 29, 2026 8:22 PM

Tags: military, tactics

WIRED asked an active military officer to break down immigration enforcement actions in Minneapolis and elsewhere. First seen on wired.com Jump to article: www.wired.com/story/ice-pretends-its-a-military-force-its-tactics-would-get-real-soldiers-killed/
ICE Pretends It’s a Military Force. Its Tactics Would Get Real Soldiers Killed

Jan 29, 2026 8:22 PM

Tags: military, tactics

WIRED asked an active military officer to break down immigration enforcement actions in Minneapolis and elsewhere. First seen on wired.com Jump to article: www.wired.com/story/ice-pretends-its-a-military-force-its-tactics-would-get-real-soldiers-killed/
ICE Pretends It’s a Military Force. Its Tactics Would Get Real Soldiers Killed

Jan 29, 2026 8:22 PM

Tags: military, tactics

WIRED asked an active military officer to break down immigration enforcement actions in Minneapolis and elsewhere. First seen on wired.com Jump to article: www.wired.com/story/ice-pretends-its-a-military-force-its-tactics-would-get-real-soldiers-killed/
ICE Pretends It’s a Military Force. Its Tactics Would Get Real Soldiers Killed

Jan 29, 2026 8:22 PM

Tags: military, tactics

WIRED asked an active military officer to break down immigration enforcement actions in Minneapolis and elsewhere. First seen on wired.com Jump to article: www.wired.com/story/ice-pretends-its-a-military-force-its-tactics-would-get-real-soldiers-killed/
ICE Pretends It’s a Military Force. Its Tactics Would Get Real Soldiers Killed

Jan 29, 2026 8:22 PM

Tags: military, tactics

WIRED asked an active military officer to break down immigration enforcement actions in Minneapolis and elsewhere. First seen on wired.com Jump to article: www.wired.com/story/ice-pretends-its-a-military-force-its-tactics-would-get-real-soldiers-killed/
A fake romance turns into an Android spyware infection

Jan 29, 2026 5:21 AM

Tags: android, infection, malicious, scam, spyware, tactics

ESET researchers have identified an Android spyware campaign that uses romance scam tactics to target individuals in Pakistan. The operation relies on a malicious app … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/29/ghostchat-android-romance-spyware/
eSkimming Attacks Surge with Evolving Tactics and Ongoing Recovery Challenges

Jan 28, 2026 4:23 PM

Tags: attack, cyber, tactics, threat

A new longitudinal study of Magecart-style eSkimming attacks overturns the assumption that discovery equals recovery. Instead of being a one-time incident that ends with script removal, eSkimming is emerging as a long-lived, shape”‘shifting threat that lingers on previously compromised sites and often returns in new forms. Over the course of a year, researchers tracked 550…
GoTo Resolve Tool’s Background Activities Compared to Ransomware Tactics

Jan 28, 2026 3:21 PM

Tags: access, ransomware, risk, software, tactics, tool

New research from Point Wild’s Lat61 team reveals how the HEURRemoteAdmin.GoToResolve.gen tool allows silent, unattended access to PCs. Learn why this legitimate remote administration software is being flagged as a security risk and its surprising connection to ransomware tactics. First seen on hackread.com Jump to article: hackread.com/goto-resolve-activities-ransomware-tactics/
Surging Cyberattacks Boost Latin America to Riskiest Region

Jan 28, 2026 3:21 PM

Tags: credentials, cyberattack, data, exploit, extortion, leak, tactics, usa

The region is up against tactics like data-leak extortion, credential-stealing campaigns, edge-device exploitation, and attackers leveraging AI. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/surging-cyberattacks-latin-america-riskiest-region
AI is Now Default Enterprise Accelerator: Takeaways from ThreatLabz 2026 AI Security Report

Jan 27, 2026 10:25 PM

Tags: access, ai, attack, automation, chatgpt, compliance, control, data, detection, finance, google, governance, infrastructure, injection, insurance, intelligence, malicious, malware, microsoft, ml, monitoring, RedTeam, risk, saas, social-engineering, supply-chain, tactics, technology, threat, tool, vulnerability, zero-trust

Artificial intelligence and machine learning (AI/ML) are no longer emerging capabilities inside enterprise environments. In 2025, they became a persistent operating layer for how work gets done. Developers ship faster, marketers generate more content, analysts automate research, and IT teams rely on AI to streamline troubleshooting and operations. The productivity gains are real, but so…
APT Attacks Target Indian Government Using SHEETCREEP, FIREPOWER, and MAILCREEP – Part 2

Jan 27, 2026 6:24 PM

Tags: access, ai, api, apt, attack, backdoor, backup, cloud, control, credentials, data, dns, email, exploit, github, google, government, group, india, infection, infrastructure, Internet, linux, malicious, malware, microsoft, monitoring, network, phishing, powershell, programming, service, tactics, threat, tool, update, windows

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ThreatLabz uncovered three additional backdoors, SHEETCREEP, FIREPOWER, and MAILCREEP, used to power the Sheet Attack campaign. In Part 2 of this series, ThreatLabz will…