Stay up to date on the latest threats, vulnerabilities and nation-state activities.
Mark Hughes, president of Security, DXC
THREAT UPDATE
By the numbers
By the numbers
Advanced Installer, a Windows tool for creating software packages, has been abused by threat actors to drop cryptocurrency-mining malware on infected machines since at least late 2021.
Microsoft is warning of an increase in adversary-in-the-middle (AiTM) phishing techniques. These attacks are being propagated as part of a new phishing-as-a-service (PhaaS) cybercrime model.
Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store. They’re designed to harvest sensitive information from compromised Android devices.
The BlackCat ransomware gang is using stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt Azure cloud storage. Incident responders say the attackers have adopted a new Sphynx variant that offers added support for using custom credentials.
A new phishing attack leverages Facebook Messenger to propagate messages with malicious attachments from fake and hijacked personal accounts. The ultimate goal: taking over targets’ business accounts.
This malware loader uses various techniques to let criminals deliver payloads while flying under the radar. These techniques include syscalls, monitoring processes and delayed code execution.
This new cyberattack campaign leverages PowerShell scripts associated with a legitimate red teaming tool to plunder NTLMv2 hashes from compromised Windows systems. Most of the affected systems have been located in Australia, Poland and Belgium.
Software developer Retool says the accounts of 27 cloud customers were compromised by a targeted SMS-based social engineering attack.
?qlt=90&ts=1665762600393&$landscape-x4_desktop$&dpr=off)