Microsoft Alerts on OAuth Scams Targeting Public Sector

Microsoft has issued a warning regarding ongoing OAuth abuse scams that exploit phishing tactics to deliver malware, particularly targeting government and public-sector organizations.

Security researchers have identified a new backdoor malware, Dohdoor, linked to suspected North Korean cyber intruders targeting US educational and healthcare institutions since December.

The Steaelite remote access trojan combines data theft and ransomware capabilities, streamlining double extortion attacks on Windows systems.

The Aeternum C2 botnet employs a blockchain-based command-and-control system, enhancing its resilience against takedown efforts.

This week’s cybersecurity landscape reveals significant vulnerabilities and incidents affecting various sectors, including a zero-day exploit in Dell RecoverPoint and the emergence of new malware targeting Android devices.

A recent SmartLoader attack has been identified, leveraging a trojanized version of the Oura MCP server to deploy the StealC infostealer, targeting sensitive user data.

Google's Threat Intelligence Group has attributed a series of malware attacks against Ukrainian organizations using CANFAIL to a previously undocumented hacking group potentially linked to Russian intelligence.

Recent cyber espionage campaigns have targeted Indian defense and government organizations using cross-platform remote access trojans (RATs).

Cybersecurity researchers have identified a sophisticated framework named DKnife, linked to Chinese threat actors, designed for traffic manipulation and malware delivery via routers.

A serious vulnerability in the React Native Metro development server is being exploited to deliver malware to Windows and Linux systems, raising concerns among security researchers about the lack of public acknowledgment.