Mysterious ‘Worok’ Group Launches Spy Effort With Obfuscated Code, Private Tools
The threat actor — whose techniques and procedures do not match known groups — has created custom attack tools, including…
EvilProxy Commodifies Reverse-Proxy Tactic for Phishing, Bypassing 2FA
The phishing-as-a-service offering targets accounts from tech giants, and also has connections to PyPI phishing and the Twilio supply chain…
New EvilProxy service lets all hackers use advanced phishing tactics
A reverse-proxy Phishing-as-a-Service (PaaS) platform called EvilProxy has emerged, promising to steal authentication tokens to bypass multi-factor authentication (MFA) on…
SharkBot malware sneaks back on Google Play to steal your logins
A new and upgraded version of the SharkBot malware has returned to Google's Play Store, targeting banking logins of Android…
Malware dev open-sources CodeRAT after being exposed
The source code of a remote access trojan (RAT) dubbed 'CodeRAT' has been leaked on GitHub after malware analysts confronted the…
FBI: Hackers increasingly exploit DeFi bugs to steal cryptocurrency
The U.S. Federal Bureau of Investigation (FBI) is warning investors that cyber criminals increasingly exploiting security vulnerabilities in Decentralized Finance (DeFi) platforms…
Hackers use AiTM attack to monitor Microsoft 365 accounts for BEC scams
A new business email compromise (BEC) campaign has been discovered combining sophisticated spear-phishing with Adversary-in-The-Middle (AiTM) tactics to hack corporate…
VMware Carbon Black causing BSOD crashes on Windows
Windows servers and workstations at dozens of organizations started to crash earlier today because of an issue caused by certain…
WordPress sites hacked with fake Cloudflare DDoS alerts pushing malware
WordPress sites are being hacked to display fake Cloudflare DDoS protection pages to distribute malware that installs the NetSupport RAT and…
Russia’s ‘Oculus’ to use AI to scan sites for banned information
Russia's internet watchdog Roskomnadzor is developing a neural network that will use artificial intelligence to scan websites for prohibited information. [...]