Security experts have uncovered a novel Strela Stealer campaign, which leverages a new iteration of email credential-stealing malware. In this campaign, the updated malware version is enriched with enhanced functionality and is now capable of gathering system configuration data via the “system info” utility. Moreover, Strela Stealer expanded its targets beyond Spain, Italy, and Germany […]
Hard on the heels of the cyber-espionage campaign by UAC-0099 via the phishing attack vector, another hacking collective has evolved in the cyber threat arena to target Ukrainian organizations. CERT-UA notifies defenders about the discovery of fake websites that mimic the official page of the “Army+” application and are hosted using the Cloudflare Workers service. […]
Researchers have uncovered a new malicious campaign using voice phishing (vishing) to spread the DarkGate malware. In this attack, adversaries masqueraded themselves as the known client on a Microsoft Teams call, tricking the victims into downloading AnyDesk for remote access and further deploying malware. Detect DarkGate Malware Attacks In the early summer of 2024, the […]
The UAC-0099 hacking collective, which has been launching targeted cyber-espionage attacks against Ukraine since the second half of 2022, resurfaces in the cyber threat arena. The CERT-UA team has observed a spike in the group’s malicious activity throughout November-December 2024 against Ukrainian government entities using the phishing attack vector and spreading LONEPAGE malware. Detect UAC-0099 […]
New day, a new menace for cyber defenders. Recently, security researchers from ThreatLabz have uncovered two novel malicious strains adding to the 100 million count of those already identified in 2024. As per reports, the newly revealed RevC2 and Venom Loader have been making the rounds since the summer of 2024, leveraging Venom Spider’s Malware-as-a-Service […]
The nefarious SmokeLoader malware resurfaces in the cyber threat arena targeting Taiwanese companies in multiple industry sectors, including manufacturing, healthcare, and IT. Typically used as a downloader for deploying other malicious samples, in the latest attack campaign, SmokeLoader executes the attack directly by retrieving plugins from its C2 server. Detect SmokeLoader Malware Almost 100 million […]
For nearly three years since the full-scale war in Ukraine began, cyber defenders have reported a growing number of russia-aligned offensive operations targeting Ukrainian organizations to collect intelligence, with attacks increasingly expanding their geographical scope. The russia-backed hacking collective tracked as TAG-110 or UAC-0063 has been observed behind an ongoing cyber-espionage campaign against organizations in […]
A new Rust-based stealer malware dubbed Fickle Stealer has come to the scene, capable of extracting sensitive data from compromised users. The new stealer masquerades itself as GitHub Desktop software for Windows and employs a wide range of anti-malware and detection evasion techniques, posing a growing threat to its potential victims. Detect Fickle Stealer Malware […]
Hot on the heels of the recent wave of cyber-attacks leveraging a highly evasive Strela Stealer in Central and Southwestern Europe, a new infostealer comes into the spotlight targeting sensitive data within the government and education sectors across Europe and Asia. Defenders have observed an ongoing info-stealing campaign attributed to Vietnamese-speaking adversaries who leverage a […]
Cybersecurity researchers have identified an ongoing in-the-wild adversary campaign, which leverages a known RCE vulnerability in Microsoft Office tracked as CVE-2017-0199 exploited by a malicious Excel file used as a lure attachment in phishing emails. The phishing campaign is designed to distribute a new fileless version of the notorious Remcos RAT malware and take full […]