Tag: tactics
-
New Malware-as-a-Service ‘Olymp Loader’ Emerges on Hacker Forums With Advanced Anti-Analysis Features
Olymp Loader has emerged as a sophisticated Malware-as-a-Service (MaaS) platform since its public debut in June 2025, quickly establishing itself as a notable threat across underground cybercriminal forums and Telegram channels. Marketed under the alias >>OLYMPO,
-
Alliances between ransomware groups tied to recent surge in cybercrime
Tags: access, attack, awareness, backup, business, cloud, cybercrime, cybersecurity, data, encryption, exploit, extortion, group, healthcare, incident response, intelligence, law, leak, monitoring, ransom, ransomware, saas, service, software, tactics, theft, threat, vpn, vulnerability, zero-dayRansomware groups change tactics to evade law enforcement: The latest quarterly study from Rapid7 also found that newly forged alliances are leading to a spike in ransomware activity while adding that tactical innovations, from refined extortion to double extortion and use of zero day, are also playing a part in increased malfeasance.The quarter also saw…
-
New ClickFix attacks use fake Windows Update screens to fool employees
Run dialog box, Windows Terminal, or Windows PowerShell. This leads to the downloading of scripts that launch malware.Two new tactics are used in the latest ClickFix campaign, says Huntress:the use since early October of a fake blue Windows Update splash page in full-screen, displaying realistic “Working on updates” animations that eventually conclude by prompting the user to…
-
Advanced Security Isn’t Stopping Ancient Phishing Tactics
New research reveals that sophisticated phishing attacks consistently bypass traditional enterprise security measures. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/advanced-security-phishing-tactics
-
Advanced Security Isn’t Stopping Ancient Phishing Tactics
New research reveals that sophisticated phishing attacks consistently bypass traditional enterprise security measures. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/advanced-security-phishing-tactics
-
Advanced Security Isn’t Stopping Ancient Phishing Tactics
New research reveals that sophisticated phishing attacks consistently bypass traditional enterprise security measures. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/advanced-security-phishing-tactics
-
FAQ About Sha1-Hulud 2.0: The >>Second Coming<< of the npm Supply-Chain Campaign
Sha1-Hulud malware is an aggressive npm supply-chain attack compromising CI/CD and developer environments. This blog addresses frequently asked questions and advises cloud security teams to immediately audit for at least 800 compromised packages. A massive resurgence of the Sha1-Hulud malware family, self-titled by the attackers as “The Second Coming,” was observed around Nov. 24 targeting…
-
FAQ About Sha1-Hulud 2.0: The >>Second Coming<< of the npm Supply-Chain Campaign
Sha1-Hulud malware is an aggressive npm supply-chain attack compromising CI/CD and developer environments. This blog addresses frequently asked questions and advises cloud security teams to immediately audit for at least 800 compromised packages. A massive resurgence of the Sha1-Hulud malware family, self-titled by the attackers as “The Second Coming,” was observed around Nov. 24 targeting…
-
Elephant Group Launches Defense Sector Attacks Using MSBuild-Delivered Python Backdoor
An India-aligned advanced persistent threat group known as Dropping Elephant has launched sophisticated cyberattacks against Pakistan’s defense sector using a newly developed Python-based backdoor delivered through an MSBuild dropper. The campaign demonstrates significant evolution in the threat actor’s tactics, techniques, and procedures, combining living-off-the-land binaries with custom malware to evade detection and establish persistent access…
-
APT35 Data Leak Uncovers the Iranian Hacker Group’s Operations and Tactics
In October 2025, a significant breach exposed internal operational documents from APT35, also known as Charming Kitten, revealing that the Iranian state-sponsored group operates as a bureaucratized, quota-driven cyber-espionage unit with hierarchical command structures, performance metrics, and specialized attack teams. The leaked materials provide an unprecedented window into how this Islamic Revolutionary Guard Corps Intelligence…
-
Chinese APT24 Deploys Custom Malware, New Stealthy Tactics
3-Year Espionage Campaign Targeted Taiwanese Firms. Chinese nation-state group APT24 targeted multiple Taiwanese companies as part of an espionage operation that went undetected for three years. The hacking group continually updated its malware infrastructure and tactics, enabling it to stay under the radar, Google Cloud said. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-apt24-deploys-custom-malware-new-stealthy-tactics-a-30103
-
Hack the Hackers: 6 Laws for Staying Ahead of the Attackers
A new security framework responds to a shift in attackers’ tactics, one that allows them to infiltrate enterprises silently through their own policies. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/hack-hackers-6-laws-staying-ahead-cyberattackers
-
How to turn threat intel into real security wins
Tags: access, api, attack, automation, awareness, business, ciso, cloud, communications, control, credentials, csf, data, data-breach, detection, dns, edr, email, endpoint, exploit, finance, framework, governance, guide, identity, intelligence, lessons-learned, mail, malware, mitre, nist, phishing, ransomware, resilience, risk, saas, siem, soar, soc, switch, tactics, theft, threat, tool, update, vulnerabilityThe CISO mandate: Risk, efficiency, investment, response: Reduce operational risk and financial loss Intelligence-led detection and response aim to prevent or minimise data loss and business disruption. The downstream effects, smaller blast radii, fewer regulatory headaches and lower recovery bills, are what boards recognise. Maximise staff efficiency Manual validation and correlation drive alert fatigue. Automating…
-
How to turn threat intel into real security wins
Tags: access, api, attack, automation, awareness, business, ciso, cloud, communications, control, credentials, csf, data, data-breach, detection, dns, edr, email, endpoint, exploit, finance, framework, governance, guide, identity, intelligence, lessons-learned, mail, malware, mitre, nist, phishing, ransomware, resilience, risk, saas, siem, soar, soc, switch, tactics, theft, threat, tool, update, vulnerabilityThe CISO mandate: Risk, efficiency, investment, response: Reduce operational risk and financial loss Intelligence-led detection and response aim to prevent or minimise data loss and business disruption. The downstream effects, smaller blast radii, fewer regulatory headaches and lower recovery bills, are what boards recognise. Maximise staff efficiency Manual validation and correlation drive alert fatigue. Automating…
-
Root causes of security breaches remain elusive, jeopardizing resilience
Tags: attack, breach, business, ciso, cyber, cybercrime, cybersecurity, data, detection, framework, governance, incident response, intelligence, lessons-learned, monitoring, resilience, security-incident, service, siem, skills, software, strategy, tactics, technology, threat, tool, training, update, vpn, vulnerabilityTracing an attack path: Preparation is key, so businesses need to have dedicated tools and skills for digital forensics in place before an incident occurs through technologies such as security incident and event management (SIEM).SIEM devices are important because, for example, many gateway and VPN devices have a local storage that overwrites itself within hours.”If…
-
Sneaky2FA phishing tool adds ability to insert legit-looking URLs
A look at Sneaky2FA: Sneaky2FA operates through a full-featured bot on Telegram, says the report. Customers reportedly receive access to a licensed, obfuscated version of the source code and deploy it independently. This means they can customize it to their needs. On the other hand, the report notes, Sneaky2FA implementations can be reliably profiled and…
-
Sneaky2FA phishing tool adds ability to insert legit-looking URLs
A look at Sneaky2FA: Sneaky2FA operates through a full-featured bot on Telegram, says the report. Customers reportedly receive access to a licensed, obfuscated version of the source code and deploy it independently. This means they can customize it to their needs. On the other hand, the report notes, Sneaky2FA implementations can be reliably profiled and…
-
Emerging Ransomware Variants Exploit Amazon S3 Misconfigurations
Tags: cloud, cyber, encryption, exploit, malware, ransomware, service, tactics, threat, vulnerabilityRansomware is shifting from traditional systems to cloud environments, fundamentally redefining its impact on cloud-native data. As organizations increasingly migrate to cloud platforms, threat actors are adapting their tactics moving away from traditional encryption-based malware to exploit the unique architecture and misconfiguration vulnerabilities inherent in cloud storage services. Cloud storage services like Amazon Simple Storage…
-
Emerging Ransomware Variants Exploit Amazon S3 Misconfigurations
Tags: cloud, cyber, encryption, exploit, malware, ransomware, service, tactics, threat, vulnerabilityRansomware is shifting from traditional systems to cloud environments, fundamentally redefining its impact on cloud-native data. As organizations increasingly migrate to cloud platforms, threat actors are adapting their tactics moving away from traditional encryption-based malware to exploit the unique architecture and misconfiguration vulnerabilities inherent in cloud storage services. Cloud storage services like Amazon Simple Storage…
-
3 ways CISOs can win over their boards this budget season
Tip 2: Go beyond compliance standards: It’s no secret that compliance and regulations drive nearly 80% of CISOs’ budget justifications. Industry standards like HIPAA and SOC2 can offer a guiding framework for a program, but with evolving threats from AI, the rise of quantum computing and increasingly complex third-party risk, CISOs need to think of…
-
The Gentlemen<< Ransomware Group Deploys Dual-Extortion Tactics, Encrypting and Exfiltrating Data
Cybereason Threat Intelligence Team has uncovered a sophisticated ransomware operation known as >>The Gentlemen,
-
The Gentlemen<< Ransomware Group Deploys Dual-Extortion Tactics, Encrypting and Exfiltrating Data
Cybereason Threat Intelligence Team has uncovered a sophisticated ransomware operation known as >>The Gentlemen,