TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign spread the dataminer malware GHOSTBLADE read more about TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign reconbee.com/ta446-deploy...

#TA446 #darkswordiOS #phishing #phishingcampaign #cybersecurity #cyberattack

FBI Warns of Russian Intelligence Hijacking Encrypted Messaging Apps The FBI and CISA issued a joint PSA warning of a global phishing campaign by the Russian Intelligence Services that targets Commercial Messaging Applications to compromise individual accounts and steal private communications. The actors use social engineering and abuse of linked-device features—especially against Signal users—to take over accounts, monitor messages, infiltrate...

FBI and CISA alert on global phishing campaign by Russian Intelligence Services targeting encrypted messaging apps, especially Signal, using social engineering to hijack accounts and access private communications. #Russia #PhishingCampaign

Teams Phishing Spreads A0Backdoor Malware
Read More: buff.ly/V7Tjagu

#MicrosoftTeams #A0Backdoor #QuickAssistAbuse #PhishingCampaign #RemoteAccessTrojan #HealthcareCyber #FinancialSectorSecurity #InfosecAlert

APT28 Deploys BadPaw And MeowMeow In Ukraine
Read More: buff.ly/Lk0YmtC

#APT28 #BadPaw #MeowMeowMalware #RussiaCyber #UkraineCyber #PhishingCampaign #CyberEspionage #ThreatIntel

Phishing Hits US, Europe Logistics
Read More: www.cybermaterial.com/p/phishing-h...

#DieselVortex #LogisticsCyber #Typosquatting #PhishingCampaign #CredentialTheft #SupplyChainSecurity #ThreatIntel #Infosec

Phishing campaign targets freight and logistics orgs in the US and Europe Diesel Vortex is an Armenian-speaking actor read more about Phishing campaign targets freight and logistics orgs in the US and Europe

Phishing campaign targets freight and logistics orgs in the US and Europe reconbee.com/phishing-cam...

#phishing #phishingcampaign #unitedstates #europe #cyberattacks #logistics #freight

State Hackers Use Gemini AI For Attacks
Read More: buff.ly/j2cDnFY

#UNC2970 #NorthKoreaCyber #GeminiAI #AIenabledThreats #CyberEspionage #PhishingCampaign #ThreatIntel #OSINTAbuse

Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware another distinctive feature of the campaign read more about Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware

Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware reconbee.com/multi-stage-...

#phishingcampaign #phishing #russia #amnesia #RAT #ransomware #cyberattack

Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware framework despite being presented read more about Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware

Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware reconbee.com/indian-users...

#phishingcampaign #blackmoonmalware #malwareattack #malware #phishing #cyberattack

Chinese Spies Exploit Venezuela Crisis to Target US Officials in Phishing Campaign Deploying Backdoor A Chinese-linked cyberespionage campaign by Mustang Panda targeted U.S. government officials with Venezuela-themed phishing emails deploying the LOTUSLITE backdoor.

Full report:
www.technadu.com/chinese-spie...

Do you think geopolitical phishing lures are becoming harder to detect? Comment your opinion.
#CyberEspionage #PhishingCampaign #ThreatActors #MustangPanda #GovernmentCybersecurity #InfoSec

27 Malicious Npm Phishing Packages Steal
Rad More: buff.ly/TNtJ2id

#NPMSupplyChain #MaliciousPackages #PhishingCampaign #DeveloperSecurity #OpenSourceAbuse #CredentialTheft #CriticalInfrastructure #ThreatResearch

Hackers Weaponize Trusted IT Tools for Full System Control  Malicious actors are weaponizing legitimate Remote Monitoring and Management (RMM) tools, turning trusted IT software into a means for unauthorized system access. This strategy represents a significant shift from traditional malware attacks, as it exploits programs like LogMeIn Resolve (formerly GoToResolve) and PDQ Connect to gain full remote control over a victim's computer, bypassing many conventional security measures because the software itself is not inherently malicious. Modus operandi  The core of this attack methodology lies in social engineering, where attackers trick individuals into installing these legitimate RMM applications under false pretenses. Security researchers have noted a significant increase in telemetry for detections labeled RiskWare.MisusedLegit.GoToResolve, indicating a rise in this type of threat. The attackers employ various deceptive tactics, including using misleading filenames for the installers. One common method involves sending phishing emails that appear legitimate. For instance, an email sent to a user in Portugal contained a link that, when hovered over, pointed to a file hosted on Dropbox. By using a legitimate file-hosting service like Dropbox and a trusted RMM tool, attackers increase the likelihood of bypassing security software that might otherwise flag suspicious links or attachments . In other cases, attackers set up fraudulent websites that perfectly mimic the download pages of popular free utilities like Notepad++ and 7-Zip, tricking users into downloading the malicious RMM installer instead of the software they were seeking. When a victim clicks the malicious link, it delivers an RMM installer that has been pre-configured with the attacker’s unique "CompanyId." This hardcoded identifier automatically links the victim's machine directly to the attacker’s control panel. This setup allows the attacker to instantly spot and connect to the newly compromised system without the need for stolen credentials or the deployment of additional malware . Because RMM tools are designed to run with administrative privileges, and their network traffic is often allowed by firewalls and other security solutions, the malicious remote access blends in with normal IT administrative traffic, making it extremely difficult to detect. Mitigation tips To defend against this evolving threat, it is crucial to be vigilant about the source of all software downloads . * Download carefully: Always download software directly from the official developer's website or verified sources. * Verify before installing: Check file signatures and certificates before running any installer to ensure they are from a trusted publisher. * Question unexpected prompts: If you receive an unexpected prompt to update software, verify the notification through a separate, trusted channel, such as by visiting the official website directly . * Stay updated: Keep your operating system and all installed software up to date with the latest security patches. * Recognize social engineering: Learn to identify the deceptive tricks attackers use to push malicious downloads .

Hackers Weaponize Trusted IT Tools for Full System Control #CyberFraud #PhishingCampaign #RMMTools

Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign instructions in both Kazakh and Russian read more about Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign

Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign reconbee.com/noisy-bear-t...

#NoisyBear #Kazakhstan #energysector #BarrelFire #phishingcampaign #phishingattack #cyberattack

Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads remote access tools (RATs) read more about Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads.

Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads reconbee.com/phishing-cam...

#phishingcampaign #Upcrypter #fakevoicemail #voicemail #RAT #payloads #remoteaccesstrojan

PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain PyPI website read more about PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain

PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain reconbee.com/pypi-warns-o...

#PyPI #phishingcampaign #fakeverificationemails #emails #verification #domain

Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign ASP passcode read more about Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign

Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign reconbee.com/russian-apt2...

#RussianAPT29 #GmailApp #passwords #phishingcampaign #phishingscam #2FA #cyberattacks

پاکستانی حکام کو نشانہ بنانے والی ایک حالیہ فشنگ مہم دیکھی گئی ہے، ایڈوائزری

مزید پڑھیے: www.aaj.tv/news/30459517/

#AajNews #CyberAttack #IndianCyberThreat #PhishingCampaign #PakistanSecurity #CyberAdvisory

Renewed APT29 Phishing Campaign Against European Diplomats - Check Point Research Check Point Research uncovers APT29 targeting European diplomatic entities with phishing attacks spreading malware Grapeloader

Renewed APT29 Phishing Campaign Against European Diplomats
research.checkpoint.com/2025/apt29-p...

#Infosec #Security #Cybersecurity #CeptBiro #APT29 #PhishingCampaign #EuropeanDiplomats

Roman Encryption Employed In Nearly 9K Phishing Attacks  Unpredictability is a hallmark of cybersecurity work. I doubt you expected to read an article linking Julius Caesar, the ancient Roman ruler, to almost a million phishing attacks so far in 2025. But, here we are. The phishing threat continues to grow, motivated by the lure of disseminating infostealer malware and exemplified by more sophisticated efforts, as the FBI has warned.  The majority of cybercriminals involved in phishing assaults are not malicious coding experts; rather, they are what you might refer to as low-level chancers, with little expertise but high aspirations for a lucrative payout. Phishing-as-a-service platforms, which eliminate the need for all that bothersome technical expertise, aid them in this evil undertaking. According to recently published research, Tycoon 2FA is the most popular of these platforms and that's where Julius Caesar comes in. It should come as no surprise that phishing is a persistent menace to both consumers and organisations. These are no longer the simple "you've won the Canadian lottery" or "I'm a Nigerian Prince and want to give you money" hoaxes of the past, but, thanks to AI, they've become much more difficult to detect and, as a result, much tougher to resist. As previously stated, the use of phishing-as-a-service platforms to accelerate attack formulation and deployment is especially problematic.  Barracuda Networks security researchers released a report on March 19 outlining a whopping one million attacks in January and February alone. This figure becomes even more concerning when you consider that one platform, Tycoon 2FA, accounted for 89% of them.  Nuch of this seems to be recent, with an outbreak in the middle of February, according to Deerendra Prasad, an associate threat analyst in Barracuda Network's threat analyst team, who stated that an investigation "revealed that the platform has continued to develop and enhance its evasive mechanisms, becoming even harder to detect.” The malicious scripts used to prevent defenders from analysing the phishing pages have been updated to help evade discovery, Prasad said. The new script is not in plain text, but—wait for it—encrypted using a shifting substitution cipher. Indeed, there is something called a Caesar Cipher. This works by replacing every plaintext letter in a string with another that is a specified number of letters down the alphabet.  To be honest, it's about as simple as it gets, because decrypting such messages requires only the shift number. It is named after Julius Caesar, who was known to use encryption to keep his personal communication private while in transit. "This script is responsible for several processes," Prasad told me, "such as stealing user credentials and exfiltrating them to an attacker-controlled server.”

Roman Encryption Employed In Nearly 9K Phishing Attacks #2FA #CyberAttacks #PhishingCampaign

Phishing Campaign Baits Hook With Malicious Amazon PDFs In their discovery, researchers found 31 PDF files linking to these phishing websites, none of which have been yet submitted to VirusTotal.

Phishing Campaign Baits Hook With Malicious Amazon PDFs
www.darkreading.com/cyberattacks...

#Infosec #Security #Cybersecurity #CeptBiro #PhishingCampaign #MaliciousAmazonPDF

Russian Star Blizzard Targets WhatsApp Accounts in New Spear-Phishing Campaign also known by the moniker Blue Callisto read more about Russian Star Blizzard Targets WhatsApp Accounts in New Spear-Phishing Campaign

Russian Star Blizzard Targets WhatsApp Accounts in New Spear-Phishing Campaign reconbee.com/russian-star...

#Russian #Blizzard #WhatsApp #whatsappdown #phishing #phishingattack #phishingcampaign #cyberattack

North Korean IT Worker Network Tied to BeaverTail Phishing Campaign BeaverTail malware has been used to target tech job seekers through fake recruiters, Palo Alto Networks’ Unit 42 has found

North Korean IT Worker Network Tied to BeaverTail Phishing Campaign
www.infosecurity-magazine.com/news/north-k...
#Infosec #Security #Cybersecurity #CeptBiro #NorthKorean #ITWorkerNetwork #PhishingCampaign

Facebook Businesses Targeted in Infostealer Phishing Campaign The threat actors sway its victims by impersonating the legal teams of companies, well-known stores, and manufacturers.

Facebook Businesses Targeted in Infostealer Phishing Campaign
www.darkreading.com/cyberattacks...
#Infosec #Security #Cybersecurity #CeptBiro #FacebookBusinesses #Infostealer #PhishingCampaign

Unknown threat actors exploit Roundcube Webmail flaw in phishing campaign Hackers exploited a patched Roundcube flaw in a phishing attack to steal user credentials from the open-source webmail software.

Unknown threat actors exploit Roundcube Webmail flaw in phishing campaign
securityaffairs.com/170055/hacki...
#Infosec #Security #Cybersecurity #CeptBiro #UnknownThreatActors #Exploit #RoundcubeWebmail #PhishingCampaign

German Cyber Agency Investigating APT28 Phishing Campaign The German cyber agency is reportedly investigating a phishing campaign tied to Russian state hacking group APT28 that used a bogus website mimicking an influential

German Cyber Agency Investigating APT28 Phishing Campaign
www.bankinfosecurity.com/german-cyber...
#Infosec #Security #Cybersecurity #CeptBiro #German #CyberAgency #APT28 #PhishingCampaign