‘Nitrogen’ Ransomware Effort Lures IT Pros via Google, Bing Ads
Forget temps and new employees. A new malicious campaign compromises organizations through a high risk, high reward vector: IT professionals.
Fake OnlyFans dating sites abuse UK Environment Agency open redirect
Threat actors abused an open redirect on the official website of the United Kingdom's Department for Environment, Food & Rural…
PurpleUrchin Gang Embraces DevOps in Massive Cloud Malware Campaign
The Automated Libra group is deploying all components of its campaign in an automated manner via containers, stealing free trial…
Sophisticated DarkTortilla Malware Serves Imposter Cisco, Grammarly Pages
Sites spoofing Grammarly and a Cisco webpage are spreading the DarkTortilla threat, which is filled with follow-on malware attacks.
Typosquat campaign mimics 27 brands to push Windows, Android malware
A massive, malicious campaign is underway using over 200 typosquatting domains that impersonate twenty-seven brands to trick visitors into downloading…
The Week in Ransomware – October 14th 2022 – Bitcoin Trickery
This week's news is action-packed, with police tricking ransomware into releasing keys to victims calling ransomware operations liars. [...]
Hacking group hides backdoor malware inside Windows logo image
Security researchers have discovered a malicious campaign by the 'Witchetty' hacking group, which uses steganography to hide a backdoor malware…
Hackers stealing GitHub accounts using fake CircleCI notifications
GitHub is warning of an ongoing phishing campaign that started on September 16 and is targeting its users with emails…
Threat Actor Abuses LinkedIn’s Smart Links Feature to Harvest Credit Cards
The tactic is just one in a constantly expanding bag of tricks that attackers are using to get users to…
Malicious PyPi packages aim DDoS attacks at Counter-Strike servers
A dozen malicious Python packages were uploaded to the PyPi repository this weekend in a typosquatting attack that performs DDoS…