abuses
-
The Chinese APT41 hacking group uses a new malware named ‘ToughProgress’ that abuses Google Calendar for command-and-control (C2) operations, hiding malicious activity behind a trusted cloud service. […]
-
Cisco Talos identified a spam campaign targeting Brazilian users with commercial remote monitoring and management (RMM) tools since at least January 2025. Talos observed the use of PDQ Connect and N-able remote access tools in this campaign. The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entice users into clicking hyperlinks and accessing malicious…
-
LummaStealer, a sophisticated information-stealing malware distributed as Malware-as-a-Service (MaaS), has evolved with new evasion techniques that abuse legitimate Windows utilities. Originally observed in 2022 and developed by Russian-speaking adversaries, this malware has demonstrated remarkable agility in evading detection while targeting a wide range of Windows systems. Its primary function is…
[Figure: LummaStealer MaaS (Source – Cybereason)]
-
CatB Ransomware Abuses Microsoft Distributed Transaction Coordinator for Stealthy Payload Execution
The cybersecurity realm has encountered a formidable adversary with the emergence of CatB ransomware, also known as CatB99 or Baxtoy. First identified in late 2022, this strain has caught the eye of security analysts due to its sophisticated evasion techniques and its potential connection to established ransomware families. There’s speculation within the security community that…
-
Attacks exploiting the Windows Remote Desktop Protocol have been launched by Russia-nexus threat operation UNC5837 against European government and military organizations as part of a cyberespionage-focused phishing campaign discovered in October, reports Cybernews.
-
China-backed APT group ToddyCat has been found exploiting a medium-severity vulnerability in ESET antivirus software to sneak malicious code onto vulnerable systems. Tracked as CVE-2024-11859, the flaw is a dynamic link library (DLL) search order hijacking vulnerability discovered and reported by Kaspersky last year, with a fix issued by ESET in January. “On systems with…
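The technique behind this item is generic: the Windows loader takes the first directory in its search order that contains a file with the requested DLL's name, so any directory searched before the DLL's legitimate home that an unprivileged user can write to is a hijack position. As an added example (not code from ESET, Kaspersky or the CVE advisory, and not tied to the specific file the flaw involved), the Python helper below models that first-match rule over an explicit search order, flags writable directories that precede the trusted location, and reports when the resolved file is not the trusted copy. The directory layout, the DLL name `version.dll` and the two-entry search order are constructed for the demo; the real order depends on SafeDllSearchMode, application manifests and loader flags.

```python
"""Audit a DLL load path for search-order hijacking exposure.

Added example, not from any vendor. Models the loader's behaviour generically:
the first directory in the search order that contains a file named like the
DLL wins. Paths and the DLL name are constructed for the demo (assumption).
"""
import os
import tempfile
from pathlib import Path


def resolve_dll(dll_name, search_order):
    """Return the path the loader would load: first directory holding the file."""
    for directory in search_order:
        candidate = Path(directory) / dll_name
        if candidate.is_file():
            return candidate
    return None


def hijack_candidates(dll_name, search_order, trusted_dir):
    """Directories searched before trusted_dir that the current user can write.

    Returns (directory, already_planted) tuples; already_planted is True when a
    same-named file is already sitting there and deserves investigation.
    """
    trusted = Path(trusted_dir).resolve()
    findings = []
    for directory in search_order:
        d = Path(directory)
        if d.resolve() == trusted:
            break  # anything after the legitimate location cannot preempt it
        if d.is_dir() and os.access(d, os.W_OK):
            findings.append((d, (d / dll_name).is_file()))
    return findings


def audit(dll_name, search_order, trusted_dir):
    """Summarise where dll_name resolves and whether that is the trusted copy."""
    resolved = resolve_dll(dll_name, search_order)
    expected = (Path(trusted_dir) / dll_name).resolve()
    return {
        "resolved": resolved,
        "hijacked": resolved is not None and resolved.resolve() != expected,
        "writable_before_trusted": hijack_candidates(dll_name, search_order, trusted_dir),
    }


def build_demo(root):
    """Constructed layout: a writable app dir searched before the dir holding the real DLL."""
    app_dir = Path(root) / "app"
    sys_dir = Path(root) / "system32"
    app_dir.mkdir()
    sys_dir.mkdir()
    (sys_dir / "version.dll").write_bytes(b"MZ legitimate")  # stand-in for the real DLL
    return "version.dll", [app_dir, sys_dir], sys_dir


def run_demo():
    """Audit before and after an attacker plants a same-named DLL in the app dir."""
    with tempfile.TemporaryDirectory() as root:
        dll, order, trusted = build_demo(root)
        before = audit(dll, order, trusted)
        (order[0] / dll).write_bytes(b"MZ planted")  # the drop a hijack relies on
        after = audit(dll, order, trusted)
        return (
            before["hijacked"],
            [planted for _, planted in before["writable_before_trusted"]],
            after["hijacked"],
            [planted for _, planted in after["writable_before_trusted"]],
        )


if __name__ == "__main__":
    print(run_demo())
```

Before the drop the audit already reports the writable app directory as a hijack position (the condition a fix removes, by loading the DLL from a fully qualified path or restricting the search order); after the drop it reports that the load now resolves to the planted file.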
-
Twenty-one nations signed on to a voluntary accord last week in Paris to govern the use of commercial hacking tools commonly known as spyware, after more than a year of work on the agreement. The Pall Mall Process, or Code of Practices for States, has four pillars for the responsible use of the surveillance tech,…
-
Elastic Security Labs has uncovered a sophisticated malware family, dubbed SHELBY, that combines GitHub-based C2 infrastructure, anti-analysis techniques, and stealthy… (Source: Daily CyberSecurity, "SHELBY Malware Abuses GitHub for Control and Data Theft")
-
The GitVenom campaign, a sophisticated cyber threat, has been exploiting GitHub repositories to spread malware and steal cryptocurrency. This campaign involves creating hundreds of fake GitHub repositories that appear legitimate but contain malicious code. These repositories are designed to lure unsuspecting developers into downloading and executing the malicious code, which can lead to significant financial…
-
The ACRStealer malware, an infostealer disguised as illegal software such as cracks and keygens, has seen a significant increase in its distribution since the beginning of 2025. Initially distributed in limited volumes in mid-2024, this malware has now gained traction, with February’s activity levels matching those of January, signaling a sharp upward trend. Security researchers…
-
Summary Netskope Threat Labs is tracking a widespread phishing campaign affecting hundreds of Netskope customers and thousands of users. The campaign aims to steal credit card information to commit financial fraud, and has been ongoing since the second half of 2024. The attacker targets victims searching for documents on search engines, resulting in access to…
-
The state-sponsored cyber threat group BlueAlpha has been active since at least 2014 and has recently upgraded its malware delivery system to leverage Cloudflare Tunnels to stage GammaDrop malware.
-
Ontario Superior Court Justice Edward Morgan on Wednesday dismissed a lawsuit accusing Canadian company Barrick Gold of committing human rights abuses against Tanzanian mine workers.
-
Criminals are using game-related applications to infect Windows systems with a malicious software framework called Winos4.0 that gives the attackers full control over compromised machines.
-
Interpol’s supreme governing body, the General Assembly, will formally elect the organization’s new secretary general at its next meeting Nov. 4-7 in Glasgow, Scotland. The incoming secretary general, who is responsible for Interpol’s day-to-day operations, should be prepared to advance a reform agenda, because while the improvements Interpol has made to its institutions and procedures…
-
Cisco Talos recently discovered a phishing campaign using an open-source phishing toolkit called Gophish by an unknown threat actor. The campaign involves modular infection chains that are either Maldoc or HTML-based infections and require the victim’s intervention to trigger the infection chain. Talos discovered an undocumented PowerShell RAT we’re calling PowerRAT, as one of the…