Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

Unveiling SpiceRAT: SneakyChef's latest tool targeting EMEA and Asia

The new remote access trojan (RAT) dubbed SpiceRAT was used by the threat actor SneakyChef in a recent campaign targeting government agencies in EMEA and Asia.

TALOS
#web#mac#windows#google#microsoft#cisco#git#pdf#samsung#auth#chrome
SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques

Cisco Talos recently discovered an ongoing campaign from SneakyChef, a newly discovered threat actor using SugarGh0st malware, as early as August 2023.

SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques

Cisco Talos recently discovered an ongoing campaign from SneakyChef, a newly discovered threat actor using SugarGh0st malware, as early as August 2023.

KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO

On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The subjects of that piece are threatening to sue KrebsOnSecurity for defamation unless the story is retracted. Meanwhile, their attorney has admitted that the person Radaris named as the CEO from its inception is a fabricated identity.

'Vortax' Meeting Software Builds Elaborate Branding, Spreads Infostealers

The "Markopolo" threat actors built a convincing brand and Web presence for fake software to deliver the dangerous Atomic macOS stealer, among other malware, to carry out cryptocurrency heists.

'ONNX' MFA Bypass Targets Microsoft 365 Accounts

The service, likely a rebrand of a previous operation called "Caffeine," mainly targets financial institutions in the Americas and EMEA and uses malicious QR codes and other advanced evasion tactics.

Cut & Paste Tactics Import Malware to Unwitting Victims

"ClearFake" and "ClickFix" attackers are tricking people into cutting and pasting malicious PowerShell scripts to infect their own machines with RATs and infostealers.

Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer

Threat actors are luring unsuspecting users with free or pirated versions of commercial software to deliver a malware loader called Hijack Loader, which then deploys an information stealer known as Vidar Stealer. "Adversaries had managed to trick users into downloading password-protected archive files containing trojanized copies of a Cisco Webex Meetings App (ptService.exe)," Trellix security

How are attackers trying to bypass MFA?

Exploring trends on how attackers are trying to manipulate and bypass MFA, as well as when/how attackers will try their 'push-spray' MFA attacks