Tag: tactics

AI and the Future of American Politics

Oct 13, 2025 3:24 PM

Tags: ai, election, group, tactics, usa

Two years ago, Americans anxious about the forthcoming 2024 presidential election were considering the malevolent force of an election influencer: artificial intelligence. Over the past several years, we have seen plenty of warning signs from elections worldwide demonstrating how AI can be used to propagate misinformation and alter the political landscape, whether by trolls on…
Hackers Target macOS Users with Fake Homebrew Websites to Deliver Malicious Payloads

Oct 13, 2025 3:24 PM

Tags: cyber, hacker, infrastructure, macOS, malicious, tactics

In September 2025, Kandji’s security researchers uncovered a sophisticated campaign in which attackers deployed multiple spoofed Homebrew installer sites that perfectly mimic the official brew.sh page. These counterfeit domains served a hidden malicious payload under the guise of the standard Homebrew installation script. This exposÃ© delves into the tactics, infrastructure, and impact of this alarming…
Hackers Target macOS Users with Fake Homebrew Websites to Deliver Malicious Payloads

Oct 13, 2025 3:24 PM

Tags: cyber, hacker, infrastructure, macOS, malicious, tactics

In September 2025, Kandji’s security researchers uncovered a sophisticated campaign in which attackers deployed multiple spoofed Homebrew installer sites that perfectly mimic the official brew.sh page. These counterfeit domains served a hidden malicious payload under the guise of the standard Homebrew installation script. This exposÃ© delves into the tactics, infrastructure, and impact of this alarming…
Hackers Target macOS Users with Fake Homebrew Websites to Deliver Malicious Payloads

Oct 13, 2025 3:24 PM

Tags: cyber, hacker, infrastructure, macOS, malicious, tactics

In September 2025, Kandji’s security researchers uncovered a sophisticated campaign in which attackers deployed multiple spoofed Homebrew installer sites that perfectly mimic the official brew.sh page. These counterfeit domains served a hidden malicious payload under the guise of the standard Homebrew installation script. This exposÃ© delves into the tactics, infrastructure, and impact of this alarming…
WhatsApp Worm Targets Users with Banking Malware, Steals Login Information

Oct 13, 2025 10:23 AM

Tags: attack, banking, credentials, crypto, cyber, cybersecurity, exploit, login, malicious, malware, social-engineering, tactics, worm

Cybersecurity researchers have uncovered a sophisticated new campaign targeting WhatsApp users in Brazil with self-propagating malware designed to steal banking credentials and cryptocurrency exchange login information. The attack, first detected on September 29, 2025, represents a dangerous evolution in social engineering tactics that exploits users’ trust in familiar contacts to spread malicious payloads across messaging…
Chinese Hackers Use Velociraptor IR Tool in Ransomware Attacks

Oct 10, 2025 7:24 PM

Tags: access, attack, china, group, hacker, incident response, ransomware, tactics, threat, tool

In a new wrinkle for adversary tactics, the Storm-2603 threat group is abusing the digital forensics and incident response (DFIR) tool to gain persistent access to victim networks. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/chinese-hackers-velociraptor-ir-tool-ransomware-attacks
Pro-Russia Hacktivists “Claim” Attack on Water Utility Honeypot

Oct 10, 2025 11:23 AM

Tags: attack, group, russia, tactics

Forescout said that the TwoNet actor was lured into attacking a honeypot disguised as a water treatment utility, providing insights into the group’s tactics First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russia-hacktivistsattack-water/
Bots Are Evolving: Here’s How to Stop AI-Powered Automation Before It Stops You

Oct 9, 2025 9:23 AM

Tags: access, ai, api, application-security, attack, authentication, automation, awareness, breach, cloud, compliance, container, control, credentials, cyber, cybersecurity, data, defense, encryption, exploit, intelligence, Internet, login, malicious, mobile, monitoring, network, scam, skills, software, strategy, tactics, technology, threat, tool

Bots Are Evolving: Here’s How to Stop AI-Powered Automation Before It Stops You madhav Thu, 10/09/2025 – 04:34 More than half of all internet traffic is now automated. Bots don’t just scrape data or hoard inventory anymore. They mimic humans so convincingly that even seasoned security teams struggle to spot them. With the help of…
Bots Are Evolving: Here’s How to Stop AI-Powered Automation Before It Stops You

Oct 9, 2025 9:23 AM

Tags: access, ai, api, application-security, attack, authentication, automation, awareness, breach, cloud, compliance, container, control, credentials, cyber, cybersecurity, data, defense, encryption, exploit, intelligence, Internet, login, malicious, mobile, monitoring, network, scam, skills, software, strategy, tactics, technology, threat, tool

Bots Are Evolving: Here’s How to Stop AI-Powered Automation Before It Stops You madhav Thu, 10/09/2025 – 04:34 More than half of all internet traffic is now automated. Bots don’t just scrape data or hoard inventory anymore. They mimic humans so convincingly that even seasoned security teams struggle to spot them. With the help of…
The Evolution of Chaos: Ransomware’s New Era of Speed and Intelligence

Oct 9, 2025 9:23 AM

Tags: crypto, cyber, extortion, finance, intelligence, ransomware, risk, tactics, theft

In 2025, the notorious Chaos ransomware has undergone a dramatic transformation, emerging with a sophisticated C++ variant that represents the most dangerous iteration to date. This marks the first time Chaos has departed from its traditional .NET foundation, introducing destructive extortion tactics and cryptocurrency theft capabilities that significantly amplify both operational impact and financial risk…
Purdue 2.0? : Rising to the Challenge to secure OT with Zero Trust Connectivity

Oct 8, 2025 3:58 PM

Tags: access, ai, attack, automation, breach, cloud, compliance, control, corporate, csf, cyber, cybercrime, cybersecurity, data, defense, detection, dns, email, endpoint, espionage, exploit, extortion, firewall, firmware, framework, incident response, infrastructure, intelligence, Internet, iot, malicious, malware, mitre, monitoring, network, nist, organized, phishing, ransomware, resilience, risk, service, siem, soc, software, spear-phishing, supply-chain, tactics, technology, theft, threat, tool, unauthorized, update, vpn, vulnerability, zero-trust

Our connected world is getting dangerously messy. Demands on the effective protection of OT environments has never been greater than it is today. This is only growing. Cybercrime is becoming more organized with RaaS and the internal threat is enhanced by huge payouts of initial access brokers. Additionally, Nation States are posturing for cyber war…
Purdue 2.0? : Rising to the Challenge to secure OT with Zero Trust Connectivity

Oct 8, 2025 3:58 PM

Tags: access, ai, attack, automation, breach, cloud, compliance, control, corporate, csf, cyber, cybercrime, cybersecurity, data, defense, detection, dns, email, endpoint, espionage, exploit, extortion, firewall, firmware, framework, incident response, infrastructure, intelligence, Internet, iot, malicious, malware, mitre, monitoring, network, nist, organized, phishing, ransomware, resilience, risk, service, siem, soc, software, spear-phishing, supply-chain, tactics, technology, theft, threat, tool, unauthorized, update, vpn, vulnerability, zero-trust

Our connected world is getting dangerously messy. Demands on the effective protection of OT environments has never been greater than it is today. This is only growing. Cybercrime is becoming more organized with RaaS and the internal threat is enhanced by huge payouts of initial access brokers. Additionally, Nation States are posturing for cyber war…
Russian hackers turn to AI as old tactics fail, Ukrainian CERT says

Oct 8, 2025 3:58 PM

Tags: ai, hacker, malicious, phishing, russia, tactics, ukraine

Russian hackers are now using AI not only to write phishing messages but also to generate malicious code itself. First seen on therecord.media Jump to article: therecord.media/russian-hackers-turn-to-ai-ukraine-cert
BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers

Oct 7, 2025 8:35 PM

Tags: corporate, group, jobs, malicious, malware, social-engineering, tactics, threat

A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive job seekers and digital marketing professionals to deliver a previously undocumented malware called Vampire Bot.”The attackers pose as recruiters, distributing malicious files disguised as job descriptions and corporate documents,” Aryaka Threat Research Labs First seen…
Inside the Hacker’s Playbook”, Adversarial AI Up Close

Oct 6, 2025 5:35 PM

Tags: ai, cybercrime, hacker, software, tactics, threat

Jamie Levy, director of adversary tactics at Huntress, highlights a rare and revealing incident: a cybercriminal downloaded Huntress’ software, inadvertently giving defenders a front-row seat into how attackers are experimenting with artificial intelligence. For years, the industry has speculated that threat actors were using AI”, but speculation is not proof. This time, there was evidence.…
Rainwalk Pet Insurance Exposes 158 GB of US Customer and Pet Data

Oct 6, 2025 4:35 PM

Tags: data, data-breach, fraud, insurance, tactics

A misconfigured database belonging to a pet insurance company, “Rainwalk Pet Insurance,” exposed sensitive PII and veterinary claim data. The data exposure reveals new fraud tactics, including microchip and reimbursement scams. First seen on hackread.com Jump to article: hackread.com/rainwalk-pet-insurance-158-gb-customer-pet-data/
From Deception to Defense: Understanding and Combating Phishing

Oct 6, 2025 11:35 AM

Tags: ai, cyber, cybersecurity, deep-fake, defense, exploit, mitigation, phishing, tactics, threat

Phishing remains one of the most persistent and dangerous cybersecurity threats, now amplified by AI and deepfake technologies. Despite decades of mitigation efforts, attackers continue to exploit human behavior through deception and social engineering. A multidisciplinary approach”, combining technical innovation, behavioral science, and policy reform”, is essential to counter evolving phishing tactics and build long-term…
Phishing is old, but AI just gave it new life

Oct 6, 2025 6:34 AM

Tags: ai, cyberattack, malicious, phishing, tactics, threat

The volume of cyberattacks has reached staggering levels, with new tactics that blur the line between legitimate and malicious activity. A new threat report from Comcast, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/phishing-ai-enterprise-resilience-security/
Confucius Hacker Group Weaponizes Documents to Infect Windows Systems with AnonDoor Malware

Oct 3, 2025 8:41 AM

Tags: attack, backdoor, cyber, email, espionage, group, hacker, hacking, malware, phishing, social-engineering, tactics, windows

The Confucius hacking group, a long-running cyber-espionage operation with suspected state-sponsored ties, has significantly evolved its attack methodologies over the past year, transitioning from document stealers like WooperStealer to sophisticated Python-based backdoors including AnonDoor malware. The December 2024 campaign demonstrated Confucius’ refined social engineering tactics, utilizing phishing emails with weaponized PowerPoint presentations (Document.ppsx) that displayed…
Cl0p-linked threat actors target Oracle E-Business Suite in extortion campaign

Oct 3, 2025 5:41 AM

Tags: access, attack, breach, business, communications, corporate, data, email, exploit, extortion, group, hacker, Internet, login, mfa, monitoring, moveIT, network, oracle, passkey, password, ransomware, tactics, threat, vulnerability, zero-day, zero-trust

Execs: Don’t ‘engage rashly’: There are no common vulnerabilities and exposures (CVEs) for this attack; the issue “stems from configuration and default business logic abuse rather than a specific vulnerability,” according to Halcyon.The firm advises organizations to check if EBS portals are publicly accessible (via /OA_HTML/AppsLocalLogin.jsp#) and if so, immediately restrict exposure. It is also…
Confucius Shifts from Document Stealers to Python Backdoors

Oct 2, 2025 4:41 PM

Tags: backdoor, cyber, espionage, group, tactics

The Confucius cyber-espionage group has shifted its tactics from document-focused stealers to Python-based backdoors like AnonDoor First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/confucius-shifts-doc-stealers/
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

Oct 2, 2025 2:41 PM

Tags: ai, attack, backdoor, browser, chrome, cloud, defense, exploit, firewall, flaw, malicious, ransomware, sql, tactics, technology, vulnerability

From unpatched cars to hijacked clouds, this week’s Threatsday headlines remind us of one thing, no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome’s settings to sneak in malicious extensions.On the defense side, AI is stepping…
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

Oct 2, 2025 2:41 PM

Tags: ai, attack, backdoor, browser, chrome, cloud, defense, exploit, firewall, flaw, malicious, ransomware, sql, tactics, technology, vulnerability

From unpatched cars to hijacked clouds, this week’s Threatsday headlines remind us of one thing, no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome’s settings to sneak in malicious extensions.On the defense side, AI is stepping…
Malicious ZIP Files Use Windows Shortcuts to Drop Malware

Oct 2, 2025 12:41 PM

Tags: cyber, cybersecurity, malicious, malware, phishing, spear-phishing, tactics, virus, windows

Cybersecurity firm Blackpoint Cyber reveals a new spear phishing campaign targeting executives. Learn how attackers use fraudulent document ZIPs containing malicious shortcut files, leveraging ‘living off the land’ tactics, and a unique Anti-Virus check to deliver a custom payload First seen on hackread.com Jump to article: hackread.com/malicious-zip-files-windows-shortcuts-malware/
China-linked APT Phantom Taurus uses Net-Star malware in espionage campaigns against key sectors

Oct 2, 2025 10:41 AM

Tags: apt, china, espionage, government, malware, middle-east, tactics

China-linked APT Phantom Taurus targets government and telecom orgs with Net-Star malware for espionage, using unique tactics over two years. China-nexus APT Phantom Taurus has targeted government and telecom organizations for espionage, using Net-Star malware and distinct TTPs. Phantom Taurus is a previously undocumented Chinese APT, it has targeted entities in Africa, the Middle East,…
Google Sheds Light on ShinyHunters’ Salesforce Tactics

Oct 2, 2025 12:41 AM

Tags: attack, defense, google, mandiant, social-engineering, tactics

Mandiant provided proactive defenses against UNC6040’s social engineering attacks that have led to several Salesforce breaches. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/google-sheds-light-shinyhunters-salesforce-tactics
Inside North Korea’s DeceptiveDevelopment Job Fraud, Malware Scheme

Sep 30, 2025 12:08 AM

Tags: crypto, fraud, jobs, korea, malware, north-korea, social-engineering, tactics

DeceptiveDevelopment blends job fraud and malware, using social engineering and insider tactics to compromise developers and crypto firms. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/deceptive-development-north-korea/
XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics

Sep 29, 2025 2:08 PM

Tags: api, control, detection, edr, encryption, injection, malware, monitoring, office, open-source, powershell, software, tactics

Dodging sandboxes and scanners: The attackers relied on well-known evasion techniques throughout the chain, including API hashing to hide intent, API calls that bypass user-mode hooks installed by security software, and multiple encryption layers inside .NET DLLs.”The DLL file uses several encryption techniques for analysis to be difficult, such as RSACryptor, Virtualization, Fake.cctor, and many…
XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics

Sep 29, 2025 2:08 PM

Tags: api, control, detection, edr, encryption, injection, malware, monitoring, office, open-source, powershell, software, tactics

Dodging sandboxes and scanners: The attackers relied on well-known evasion techniques throughout the chain, including API hashing to hide intent, API calls that bypass user-mode hooks installed by security software, and multiple encryption layers inside .NET DLLs.”The DLL file uses several encryption techniques for analysis to be difficult, such as RSACryptor, Virtualization, Fake.cctor, and many…
XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics

Sep 29, 2025 2:08 PM

Tags: api, control, detection, edr, encryption, injection, malware, monitoring, office, open-source, powershell, software, tactics

Dodging sandboxes and scanners: The attackers relied on well-known evasion techniques throughout the chain, including API hashing to hide intent, API calls that bypass user-mode hooks installed by security software, and multiple encryption layers inside .NET DLLs.”The DLL file uses several encryption techniques for analysis to be difficult, such as RSACryptor, Virtualization, Fake.cctor, and many…