Microsoft has recently discovered social engineering activities by an actor we trace as ZINC that weaponized legal open-source software. In the US, UK, India,…
General
Most Replicated Software in Malware Attacks, According to VirusTotal
Threat actors are increasingly imitating trustworthy programmes like Skype, Adobe Reader, and VLC Player in order to take advantage of trust connections and raise…
General
How the most well-known cryptocurrency game in the world was impacted by a fraudulent job offer
Take away: Hackers tricked an Axie Infinity senior engineer into applying for a position at a fictional company. Earlier this year, the fraud caused…
General
Evasive phishing employs reverse tunnels and URL shortening services
Researchers are seeing an increase in the use of reverse tunnel services, as well as URL shorteners, for large-scale phishing campaigns, making the malicious…
General
Google’s OAuth client library for Java had a major flaw
Last month Google patched a severe flaw in its OAuth client library for Java; the actors can exploit the flaw by using a compromised…
General
Windows Print Spooler flaw exploited in the wild
The U.S Cybersecurity and Infrastructure Security Agency (CISA) has asked users to watch out for a vulnerability in the Windows Print Spooler. Although Microsoft…
General
FataIRAT’s new variant used by Purple Fox malware operators
Purple Fox malware operators have expanded their malware arsenal and now possess a new variant of a remote access trojan FataIRAT. Further, at the…
General
iPhone feature being used in “CryptoRom” scam
Social engineering attacks have been using romantic traps and cryptocurrency tricks to lure victims into installing duplicate apps. These attacks use legitimate iOS features…
Cross site scripting
Zimbra issues hotfix for XSS vulnerability under active exploitation
Attackers have targeted mailboxes in multiple waves across two attack phases. Business email platform Zimbra has released a hotfix for a cross-site scripting (XSS)…
Android
Mobile spyware return by threat actors
A threat actor who has targeted the Middle East in the past has developed its Android mobile Spyware. The advanced Android mobile spyware is…