Tag: tactics
-
New ValleyRAT Malware Variant Spreading via Fake Chrome Downloads
Morphisec uncovers a new ValleyRAT malware variant with advanced evasion tactics, multi-stage infection chains, and novel delivery methods… First seen on hackread.com Jump to article: hackread.com/valleyrat-malware-variant-fake-chrome-downloads/
-
Cybercriminals Exploiting HTTP Client Tools to Hijack Microsoft 365 Accounts
A recent report by Proofpoint has revealed an alarming trend of cybercriminals exploiting HTTP client tools to target Microsoft 365 accounts. These tools, originally designed for legitimate use, are now being repurposed for large-scale account takeover (ATO) attacks, employing tactics such as brute force login attempts and Adversary-in-the-Middle (AiTM) techniques. With a growing reliance on…
-
39% of IT leaders fear major incident due to excessive workloads
Enterprise security operations teams find themselves stretched thin and contending with an escalating cyber threat landscape today. Many are understaffed and underfunded, leaving CISOs on edge about the consequences for the enterprise, and their careers. A recent survey from Adaptavist about fallout from last summer’s CrowdStrike outage found that two out of five (39%) IT leaders…
-
The Hidden Cyber Trap: How Compromised Websites and Malicious AdTech Manipulate Users
In the cybersecurity world, analysts often focus on the adversary’s tactics, techniques, and procedures (TTPs), but what happens First seen on securityonline.info Jump to article: securityonline.info/the-hidden-cyber-trap-how-compromised-websites-and-malicious-adtech-manipulate-users/
-
Mastering SEO for Cybersecurity Entrepreneurs: A Strategic Guide to Dominating Search Rankings
Master fundamentals of SEO to elevate your online presence in 2025. From keyword research and on-page optimization to local SEO tactics, this guide covers essential strategies for entrepreneurs. Learn how to track key metrics, stay updated on the latest trends to drive more traffic and conversions. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/mastering-seo-for-cybersecurity-entrepreneurs-a-strategic-guide-to-dominating-search-rankings/
-
5 Encrypted Attack Predictions for 2025
Tags: access, ai, apt, attack, automation, cloud, communications, computer, computing, control, cryptography, cyber, cyberattack, cybercrime, data, data-breach, defense, detection, email, encryption, exploit, government, group, india, infrastructure, intelligence, Internet, malicious, malware, network, phishing, ransomware, risk, service, tactics, technology, threat, update, vpn, zero-trust
The cyberthreat landscape of 2024 was rife with increasingly sophisticated threats, and encryption played a pivotal role: a staggering 87.2% of threats were hidden in TLS/SSL traffic. The Zscaler cloud blocked 32.1 billion attempted encrypted attacks, a clear demonstration of the growing risk posed by cybercriminals leveraging encryption to evade detection. ThreatLabz reported that malware…
-
Arcus Media group seen employing advanced tactics
First seen on scworld.com Jump to article: www.scworld.com/brief/arcus-media-group-seen-employing-advanced-tactics
-
New Hellcat Ransomware Gang Employs Humiliation Tactics
Cato Networks highlighted how the recently emerged HellCat ransomware group is using novel psychological tactics to court attention and pressurize victims First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hellcat-ransomware-humiliation/
-
Threat Actors Exploit Government Websites for Phishing
Cybercriminals exploit government websites using open redirects and phishing tactics, bypassing secure email gateway protections First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/threat-actors-exploit-gov-websites/
-
Hackers Attacking Windows, macOS, and Linux systems With SparkRAT
Researchers have uncovered new developments in SparkRAT operations, shedding light on its persistent use in malicious campaigns targeting macOS users and government organizations. The findings, detailed in a recent report, underscore the evolving tactics of threat actors leveraging SparkRAT’s modular framework and cross-platform capabilities across Windows, macOS, and Linux. SparkRAT’s Communication Originally released on GitHub…
-
New Hacker Group Using 7z UltraVNC Tool to Deploy Malware Evading Detection
A sophisticated cyber campaign targeting Russian-speaking entities has been identified by cybersecurity researchers, unveiling a deceptive operation imitating the Tactics, Techniques, and Procedures (TTPs) of the Gamaredon APT group. The attackers, believed to be part of the GamaCopy group, exploited military-related content as bait, leveraging open-source tools to obscure their activities. The attacks utilized 7z…
-
GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities
A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlin-aligned Gamaredon hacking group in its cyber attacks targeting Russian-speaking entities. The campaign has been attributed to a threat cluster dubbed GamaCopy, which is assessed to share overlaps with another hacking group named Core Werewolf, also tracked as Awaken Likho and PseudoGamaredon.…
-
Hackers imitate Kremlin-linked group to target Russian entities
A little-known hacking group has been mimicking the tactics of a prominent Kremlin-linked threat actor to target Russian-speaking victims, according to new research. First seen on therecord.media Jump to article: therecord.media/hacker-imitates-gamaredon-to-target-russia
-
Operation (Giỗ Tổ Hùng Vương) Hurricane: New OceanLotus Group Revealed in Espionage Campaigns
A recent report from Qianxin details the sophisticated cyber-espionage tactics employed by the New OceanLotus group. Active intermittently First seen on securityonline.info Jump to article: securityonline.info/operation-gio-to-hung-vuong-hurricane-new-oceanlotus-group-revealed-in-espionage-campaigns/
-
Google Cloud Security Threat Horizons Report #11 Is Out!
Tags: access, api, apt, attack, authentication, breach, business, cloud, corporate, credentials, cybersecurity, data, detection, exploit, extortion, google, identity, intelligence, leak, mfa, password, phishing, ransomware, service, tactics, theft, threat, tool, vulnerability
This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our next Threat Horizons Report, #11 (full version) that we just released (the official blog for #1 report, my unofficial blogs for #2, #3, #4, #5, #6, #7, #8, #9 and #10). My favorite quotes from the report follow below:…
-
Cybersecurity is tough: 4 steps leaders can take now to reduce team burnout
Tags: ai, attack, breach, business, ciso, compliance, control, corporate, cybercrime, cybersecurity, group, incident response, international, jobs, risk, soc, tactics, threat
Working in cybersecurity is only getting harder. Cybercriminals continue to up their game as security teams scramble to catch up with attack tactics and techniques. Organizations put near-impossible demands on their security departments, often with little or no support. The “always-on” nature of many roles in cybersecurity (from SOC analyst to incident response to the CISO)…
-
Weaponized VS Code Impersonate Zoom App Steals Cookies From Chrome
A newly identified extension for Visual Studio Code (VS Code) has been found to impersonate a legitimate Zoom application, enabling cybercriminals to steal sensitive cookies from Google Chrome. This incident marks a significant escalation in the tactics employed by malicious actors to exploit trusted software ecosystems. The Discovery The nefarious extension, uploaded to the VS…
-
DLL Sideloading Proxying: New Campaign Delivers Sliver Implants to German Targets
Cyble Research and Intelligence Labs (CRIL) has uncovered an ongoing cyber campaign targeting German organizations using sophisticated tactics First seen on securityonline.info Jump to article: securityonline.info/dll-sideloading-proxying-new-campaign-delivers-sliver-implants-to-german-targets/
-
Ransomware groups pose as fake tech support over Teams
A researcher at Sophos told CyberScoop that the company observed these tactics being used against multiple individuals and at least 15 organizations. First seen on cyberscoop.com Jump to article: cyberscoop.com/ransomware-groups-pose-as-fake-tech-support-over-teams/
-
Email Bombing, ‘Vishing’ Tactics Abound in Microsoft 365 Attacks
Sophos noted more than 15 attacks have been reported during the past three months. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/email-bombing-vishing-tactics-abound-microsoft-365-attacks
-
Forescout Report Detail Hunters International Ransomware Gang Tactics
An analysis of the operations of Hunters International, the ransomware-as-a-service platform that has been used to compromise more than 200 organizations, conducted by Forescout Technologies reveals the cybercriminal syndicate that created it is employing a wide range of new and old tactics and techniques. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/forescout-report-detail-hunters-international-ransomware-gang-tactics/
-
Star Blizzard Shifts Tactics: Spear-Phishing Campaign Targets WhatsApp Accounts
Microsoft Threat Intelligence has uncovered a new spear-phishing campaign orchestrated by the Russian threat actor known as Star First seen on securityonline.info Jump to article: securityonline.info/star-blizzard-shifts-tactics-spear-phishing-campaign-targets-whatsapp-accounts/
-
US hits back against China’s Salt Typhoon group
Tags: attack, backdoor, china, cisa, ciso, communications, computer, control, crypto, cve, cyber, cyberattack, cybersecurity, defense, detection, disinformation, espionage, exploit, finance, government, group, infosec, infrastructure, intelligence, ivanti, law, malicious, mandiant, microsoft, network, north-korea, office, tactics, technology, theft, threat, tool, vpn, vulnerability
The US is hitting back against the threat group, dubbed Salt Typhoon by Microsoft, which is allegedly behind recent cyber attacks against American telecommunications providers, as part of a wider campaign against Chinese-based hacking. On Friday the Department of the Treasury’s Office of Foreign Assets Control (OFAC) said it is sanctioning Sichuan Juxinhe Network Technology, a…
-
Black Basta-Style Cyberattack Hits Inboxes with 1,165 Emails in 90 Minutes
A recent cyberattack, mimicking the tactics of the notorious Black Basta ransomware group, targeted one of SlashNext’s clients…. First seen on hackread.com Jump to article: hackread.com/black-basta-cyberattack-hits-inboxes-with-1165-emails/
-
Stop wasting money on ineffective threat intelligence: 5 mistakes to avoid
Tags: business, ciso, compliance, cyber, cybersecurity, data, detection, edr, finance, group, incident response, infrastructure, intelligence, jobs, malware, monitoring, risk, risk-management, siem, soc, strategy, tactics, technology, threat, tool, update, vulnerability, vulnerability-management
Strong capabilities in cyber threat intelligence (CTI) can help take a cybersecurity program to the next level on many different fronts. When organizations choose quality sources of threat intelligence that are relevant to their technology environments and their business context, these external sources can not only power swifter threat detection but also help leaders better…

