Tag: tactics
-
Hackers Use GitHub Notifications to Impersonate Y Combinator and Steal Wallet Funds
A recent wave of sophisticated phishing attacks has targeted developers and startups by impersonating Y Combinator through GitHub notifications. Victims are being tricked into believing they’ve been selected for startup funding, only to face financial theft via fake verification schemes. This incident spotlights the new tactics phishers use to exploit trusted online platforms and reputable…
-
Malware Deployment via Copyright Takedown Claims by Threat Actors
Threat actors from the Lone None group are exploiting copyright takedown notices to distribute sophisticated malware, including Pure Logs Stealer and a newly identified information stealer dubbed Lone None Stealer (also known as PXA Stealer). This analysis examines the campaign’s tactics, techniques, and procedures (TTPs), highlights key indicators of compromise (IOCs), and underscores how Lone…
-
Hackers Deploy Stealthy Malware on WordPress Sites to Gain Admin Access
Attackers have stepped up their tactics by deploying stealthy backdoors disguised as legitimate WordPress components, ensuring persistent administrative access even after other malware is discovered and removed. Their deceptive appearances belied their dangerous functions: one impersonated a plugin, the other camouflaged itself as a core file. Together, they formed a resilient system that gave hackers…
-
6 novel ways to use AI in cybersecurity
Tags: access, ai, attack, authentication, business, ceo, cloud, cyberattack, cybersecurity, data, defense, detection, email, infrastructure, intelligence, malicious, malware, network, phishing, risk, service, tactics, technology, threat, tool, training2. Machine-learning generative adversarial networks: Michel Sahyoun, chief solutions architect with cybersecurity technology firm NopalCyber, recommends using generative adversarial networks (GANs) to create, as well as protect against, highly sophisticated previously unseen cyberattacks. “This technique enables cybersecurity systems to learn and adapt by training against a very large number of simulated threats,” he says.GANs allow…
-
6 novel ways to use AI in cybersecurity
Tags: access, ai, attack, authentication, business, ceo, cloud, cyberattack, cybersecurity, data, defense, detection, email, infrastructure, intelligence, malicious, malware, network, phishing, risk, service, tactics, technology, threat, tool, training2. Machine-learning generative adversarial networks: Michel Sahyoun, chief solutions architect with cybersecurity technology firm NopalCyber, recommends using generative adversarial networks (GANs) to create, as well as protect against, highly sophisticated previously unseen cyberattacks. “This technique enables cybersecurity systems to learn and adapt by training against a very large number of simulated threats,” he says.GANs allow…
-
Organizations Must Update Defenses to Scattered Spider Tactics, Experts Urge
Experts at a Gartner event highlighted areas of focus in identity, processes and third-party risk management to tackle the novel tactics employed by Scattered Spider First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/update-defenses-scattered-spider/
-
Why attackers are moving beyond email-based phishing attacks
Phishing isn’t just email anymore. Attackers now use social media, chat apps & malicious ads to steal credentials. Push Security explains the latest tactics and shows how to stop multi-channel phishing where it happens, inside the browser. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/why-attackers-are-moving-beyond-email-based-phishing-attacks/
-
Subtle Snail Impersonation Tactics: How HR Representatives Can Engage Employees to Steal Login Credentials
Subtle Snail, an Iran-linked espionage group also tracked as UNC1549 under the Unyielding Wasp (Tortoiseshell) umbrella of the Charming Kitten network, has shifted its focus to European telecom, aerospace, and defense firms since June 2022. In a recent wave of attacks, the group compromised 34 devices across 11 organizations by masquerading as human resources representatives…
-
Hackers Abuse GitHub Pages to Spread Stealer Malware to macOS Users
A sophisticated malware campaign is targeting Mac users through fraudulent GitHub repositories that masquerade as legitimate software downloads, with threat actors exploiting search engine optimization tactics to deliver malicious links directly to unsuspecting victims. The LastPass Threat Intelligence, Mitigation, and Escalation team has identified an ongoing widespread infostealer operation that specifically targets macOS users through…
-
Hackers Abuse GitHub Pages to Spread Stealer Malware to macOS Users
A sophisticated malware campaign is targeting Mac users through fraudulent GitHub repositories that masquerade as legitimate software downloads, with threat actors exploiting search engine optimization tactics to deliver malicious links directly to unsuspecting victims. The LastPass Threat Intelligence, Mitigation, and Escalation team has identified an ongoing widespread infostealer operation that specifically targets macOS users through…
-
AI-Driven Phishing Attacks: Deceptive Tactics to Bypass Security Systems
Since January, Trend Micro has tracked a surge in phishing campaigns using AI-powered platforms (Lovable, Netlify, Vercel) to host fake captcha pages that lead to phishing websites. This ploy misleads users and evades security tools. Victims are first shown a captcha, lowering suspicion, while automated scanners only detect the challenge page, missing the hidden credential-harvesting…
-
MuddyWater APT Shifts Tactics to Custom Malware
The post MuddyWater APT Shifts Tactics to Custom Malware appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/muddywater-apt-shifts-tactics-to-custom-malware/
-
Where CISOs need to see Splunk go next
Tags: ai, api, automation, cisco, ciso, cloud, communications, compliance, conference, crowdstrike, cybersecurity, data, data-breach, detection, finance, framework, google, incident response, intelligence, jobs, metric, microsoft, open-source, RedTeam, resilience, risk, router, siem, soar, strategy, tactics, threat, tool, vulnerabilityResilience resides at the confluence of security and observability: There was also a clear message around resilience, the ability to maintain availability and recover quickly from any IT or security event.From a Cisco/Splunk perspective, this means a more tightly coupled relationship between security and observability.I’m reminded of a chat I had with the chief risk…
-
Stealth in Plain Sight: Cryptojackers Hijack PowerShell and Windows Processes to Evade Detection
Darktrace researchers uncovered a sophisticated cryptojacking attempt using PowerShell scripts to inject NBMiner into Windows processes. Experts warn that modern cryptomining malware is more than a nuisance”, posing risks to productivity, data security, and energy costs while exploiting “living off the land” tactics to evade detection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/stealth-in-plain-sight-cryptojackers-hijack-powershell-and-windows-processes-to-evade-detection/
-
MuddyWater Deploys Custom Multi-Stage Malware Hidden Behind Cloudflare
Since early 2025, cybersecurity analysts have witnessed a marked evolution in the tactics and tooling of MuddyWater, the Iranian state-sponsored Advanced Persistent Threat (APT) group. Historically known for broad Remote Monitoring and Management (RMM) campaigns, MuddyWater has pivoted to highly targeted spearphishing operations and bespoke backdoors. This shift underscores the group’s growing sophistication and its…
-
FBI warns about 2 campaigns targeting Salesforce instances
The threat groups, identified as UNC6040 and UNC6395, have used different tactics to gain access to data. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/fbi-warns-campaigns-salesforce-instances/760129/
-
Sidewinder Hackers Weaponize Nepal Protests to Spread Cross-Platform Malware
Sidewinder, a well-known advanced persistent threat (APT) group, has adapted its tactics to exploit the ongoing protests in Nepal, deploying a coordinated campaign of mobile and Windows malware alongside credential phishing. By masquerading as respected national institutions and figures, the group seeks to harvest sensitive data from users tracking the nation’s political turmoil. The protests,…
-
Scattered Spider’s ‘retirement’ announcement: genuine exit or elaborate smokescreen?
Tags: ai, breach, crowdstrike, cybersecurity, data, data-breach, disinformation, google, group, hacking, infrastructure, international, law, mandiant, password, ransomware, tactics, threatLaw enforcement pressure: real but limited impact: The letter explicitly acknowledged the mounting international pressure that supposedly drove their decision.”We want to share a thought for the eight people that have been raided or arrested in relations to these campaigns, Scattered Spider and/or ShinyHunters groups since beginning on April 2024 and thereafter 2025, and especially…
-
Scattered Spider’s ‘retirement’ announcement: genuine exit or elaborate smokescreen?
Tags: ai, breach, crowdstrike, cybersecurity, data, data-breach, disinformation, google, group, hacking, infrastructure, international, law, mandiant, password, ransomware, tactics, threatLaw enforcement pressure: real but limited impact: The letter explicitly acknowledged the mounting international pressure that supposedly drove their decision.”We want to share a thought for the eight people that have been raided or arrested in relations to these campaigns, Scattered Spider and/or ShinyHunters groups since beginning on April 2024 and thereafter 2025, and especially…
-
FBI Releases IOCs on Cyber Threats Exploiting Salesforce for Data Theft
Tags: advisory, breach, cyber, cybercrime, cybersecurity, data, exploit, infrastructure, tactics, theft, threatThe Federal Bureau of Investigation (FBI) has released a detailed flash advisory disclosing indicators of compromise (IOCs) and tactics used by two cybercrime groups”, UNC6040 and UNC6395″, to breach Salesforce customer environments and siphon sensitive data. Coordinated with the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS/CISA), the bulletin aims to equip security…
-
Yurei Ransomware Uses PowerShell to Deploy ChaCha20 File Encryption
A newly discovered ransomware group called Yurei has emerged with sophisticated encryption capabilities, targeting organizations through double-extortion tactics while leveraging open-source code to rapidly scale operations. First observed on September 5, 2025, this Go-based ransomware employs the ChaCha20 encryption algorithm and PowerShell commands to compromise victim systems, marking another evolution in the ransomware-as-a-service ecosystem. Flow…
-
2025 CSO Hall of Fame: Laura Deaner on AI, quantum threats, and cyber leadership
Tags: ai, attack, automation, breach, business, ciso, compliance, conference, cyber, cybersecurity, india, ml, ransomware, risk, skills, strategy, tactics, technology, threat, tool, vulnerabilityHow has the CISO role changed during your career, and what do you see as the biggest cybersecurity challenges for the next generation of CISOs?: Laura Deaner: “When the CISO role first emerged, security was treated as an IT compliance checkbox. Over the years, high-profile breaches”, such as the Code Red incident at Microsoft”, forced…
-
Cybersecurity Snapshot: Security Lags Cloud and AI Adoption, Tenable Report Finds, as CISA Lays Out Vision for CVE Program’s Future
Tags: access, ai, api, attack, automation, best-practice, breach, bug-bounty, business, cisa, cloud, communications, computer, control, cve, cyber, cybersecurity, data, data-breach, defense, encryption, exploit, framework, google, governance, government, identity, infrastructure, intelligence, international, Internet, linkedin, mitre, network, nist, office, open-source, privacy, programming, RedTeam, resilience, risk, risk-management, service, skills, software, strategy, tactics, technology, threat, tool, update, vulnerabilityCheck out Tenable’s report detailing challenges and best practices for cloud and AI security. Plus, CISA rolled out a roadmap for the CVE Program, while NIST updated its guidelines for secure software patches. And get the latest on TLS/SSL security and AI attack disclosures! Here are five things you need to know for the week…
-
Sidewinder Hackers Exploit LNK Files to Deploy Malicious Scripts
In a striking evolution of its tactics, the Sidewinder advanced persistent threat (APT) group”, also known as APT-C-24 or “Rattlesnake””, has adopted a novel delivery mechanism leveraging Windows shortcut (LNK) files to orchestrate complex, multi-stage intrusions across South Asia. Active since at least 2012 and targeting governments, energy utilities, military installations, and mining operations in…
-
AI-Enhanced Malware Sports Super-Stealthy Tactics
With legit sounding names, EvilAI’s productivity apps are reviving classic threats like Trojans while adding new evasion capabilities against modern antivirus defenses. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/ai-backed-malware-hits-companies-worldwide