Latest Intelligence
Gremlin Stealer Stores C2 URLs and Exfiltration Paths in Encrypted Resource Sections
A newly analyzed variant of the Gremlin stealer malware has raised alarms by hiding its command-and-control (C2) addresses and data exfiltration paths inside en...
Dark Web Brokers Repackage Old Breaches as Fresh Corporate Data Leaks
A wave of fake data leak claims is flooding dark web forums, and most of what is being sold turns out to be recycled material from old breaches. Threat actors o...

Hackers Use Fake Income Tax Assessment Pages to Infect Windows Systems
A new threat campaign is targeting Windows users in India by disguising malicious files as official income tax documents. Researchers have tracked the operation...

Void Botnet Uses Ethereum Smart Contracts for Seizure-Resistant C2 Infrastructure
A new botnet called Void has emerged on the cybercrime underground, bringing a troubling twist to how attackers manage their operations remotely. Instead of rel...

Ukraine identifies infostealer operator tied to 28,000 stolen accounts
The Ukrainian cyberpolice, working in conjunction with U.S. law enforcement, has identified an 18-year-old man from Odesa suspected of running an infostealer ma...

Hackers bypass SonicWall VPN MFA due to incomplete patching
Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN appliances to deploy tools used in ransomwar...
Cyber Pros Can't Decide If AI Is a Good or a Bad Thing
There is nothing cybersecurity professionals are more excited about, and nothing they fear more, than AI....
GitHub Confirms Breach, 4K Internal Repos Stolen
Open source software giant GitHub confirmed a data breach this week involving the theft of thousands of repos. One threat actor — TeamPCP — took credit....
Fake Android Apps Commit Carrier Billing Fraud for Premium Services
The disguised apps use WebView automation, JavaScript injection, and OTP interception to avoid detection and complete fraudulent subscriptions....

Trapdoor Android Ad Fraud Operation Uses 455 Malicious Apps to Generate Fake Clicks
A large-scale ad fraud operation called Trapdoor has been discovered targeting Android users through 455 malicious apps, quietly generating fake ad clicks and d...

Tor launches crowdfunding campaign to support internet freedom projects
The Tor Project has launched a new cryptocurrency-based crowdfunding initiative aimed at supporting internet freedom and privacy tools amid growing financial pr...
Processes and Culture Top Reasons Behind Data Breaches
Government leaders revealed that, in spite of state laws meant to improve cyber hygiene, an analysis of incidents showed issues persist and visibility falls sho...

DevilNFC Android Malware Uses Kiosk Mode to Trap Victims During NFC Relay Attacks
A dangerous new Android malware called DevilNFC has emerged, combining NFC relay attacks with a Kiosk Mode trap that locks victims inside a fake banking screen ...

PinTheft Linux Vulnerability Let Attackers Gain Root Access – PoC Released
A proof-of-concept (PoC) exploit was published for a new Linux Local Privilege Escalation (LPE) vulnerability dubbed “PinTheft.” Discovered by Aaron...

AI assistants can be hijacked and manipulated by inaudible sounds
Hidden audio commands can hijack AI voice assistants and transcription tools without users hearing anything unusual, according to new research set to be present...

Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial intelligence (AI) ...

How to Close the Most Expensive Gap in Your SOC
There is a quiet gap inside many SOCs. It sits between the moment Tier 1 says “this should be escalated” and the moment the response team can actually act&...
Patch Now: Critical Flaw in OT Robot OS Gives Attackers Control
An unauthenticated attacker can exploit the command injection vulnerability to gain remote access to robotic systems, causing significant disruption to the envi...